TLS 1.3 for PEAP?

Alex Perez Alex.Perez-Mendez at jisc.ac.uk
Tue Jul 9 16:14:00 CEST 2019


> The only case I know of where a client has attempted to negotiate TLS 1.3 (for peap) is an Ubuntu 18.04 client
> running OpenSSL 1.1.1 and it fails during TLS negotiation with our FreeRADIUS server which is v3.0.17 on RHEL
> 7.6 with OpenSSL 1.1.1c.
>
> Do we know with any certainty whether this is a problem with OpenSSL, FreeRADIUS or something else with
> the peers?  I can resolve the problem by setting “tls_max_version = ‘1.2’” but would like to see the negotiation
> for 1.3 succeed.
I recommend you to use the latest release 3.0.19, as there are a number 
of TLS 1.3 issues that were fixed.

Best regards,
Alejandro

Jisc is a registered charity (number 1149740) and a company limited by guarantee which is registered in England under Company No. 5747339, VAT No. GB 197 0632 86. Jisc’s registered office is: One Castlepark, Tower Hill, Bristol, BS2 0JA. T 0203 697 5800.

Jisc Services Limited is a wholly owned Jisc subsidiary and a company limited by guarantee which is registered in England under company number 2881024, VAT number GB 197 0632 86. The registered office is: One Castle Park, Tower Hill, Bristol BS2 0JA. T 0203 697 5800.  



More information about the Freeradius-Users mailing list