iOS mysterious issues on Freeradius 3.0.14

John Tobin jtobin at
Thu Mar 23 19:34:10 CET 2017

Where is the tls 1.2 negotiation documented, I am somewhat of a newbie, I
did search google for tls disable free radiusd, etc. didn¹t see anything
like a disable switch/ or option, but then I may not have been looking in
the right place. The only note that makes sense is one that says you
simply don¹t install the client cert.

The problem I am facing maybe using the Dot1xprofiler. It doesn¹t have all
the options I need to put in 1. Certificate[s], and a WPA password, and an
userid/passwprd pair. I may have a work around for that -> I build the
Dot1xprofile, then use the command line profile command to print out the
plist of the profile [profiles -L -o [pathAndFileName] -> run man on the
profiles command look at the examples] then edit the profile to include
wpa2  EncrptionType, and fill in a password, then use the profiles command
again to recreate [install] the profile with you updates. Well some thing
like that.

Give me a word on the tls situation. I do get it, if you don¹t include the
client cert, then the TLS [with the server cert installed] checks to make
sure you have the correct server, and the client authentication is by
userid / Password. But that is kind of a miss of true TLS which would need
both the server and the client cert supported.


On 3/22/17, 18:16, "Freeradius-Users on behalf of A.L.M.Buxey at"
< at on
behalf of A.L.M.Buxey at> wrote:

>> The log snip below, shows test on os x Sierra, Windows 7 works, I have
>> had the time to test win 10.
>> So free Radiusd works, this is just an apple os x problem, server cert
>> self signed, dot1xprofiler is my profile app, and has both the signed
>> [server.pem] and client cert [client.p12] generated by the make in
>> /etc/raddb/certs.
>well, client issue....TLS issue... I would suggest looking at my previous
>and trying that config option out.
>List info/subscribe/unsubscribe? See

More information about the Freeradius-Users mailing list