TLS error 'Failed in proxy receive'

Tue Oct 1 14:28:33 CEST 2019

Can somebody please help with this issue ?

Thanks ,
Nitin

On Fri, 27 Sep 2019 at 13:04, Sharma, Nitin via Freeradius-Users <
freeradius-users at lists.freeradius.org> wrote:

> Hello Arran,
>
> Thanks for the response. We are seeing these error only when we are adding
> below virtual server detail.
>
> ```
> listen {
>           ipaddr = *
>           port = 2083
>                 type = auth+acct
>          proto = tcp
>          virtual_server = default
>          clients = radsec
>    limit {
>            max_connections = 0
>            lifetime = 0
>            idle_timeout = 300
>    }
>    tls {
>          private_key_file = ${certdir}/server.pem
>          certificate_file = ${certdir}/server.crt
>          ca_file = ${cadir}/CA_list.pem
>          dh_file = ${certdir}/dh
>          fragment_size = 8192
>          ca_path = ${cadir}
>          cipher_list = "DEFAULT"
>      cache {
>              enable = no
>              lifetime = 24
>             max_entries = 255
>      }
>      require_client_cert = yes
>
>      verify {
>      }
>    }
> }
> clients radsec {
>    client ALL {
>                  ipaddr = 0.0.0.0
>                  proto = tls
>                  secret = <MASKED>
>    }
> }
> ```
>
> Not sure what wrong with this config.
>
> Thanks & Regards,
> Nitin Sharma
>
> On 26/09/19, 8:39 PM, "Arran Cudbard-Bell" <a.cudbardb at freeradius.org>
> wrote:
>
>
>
>     > On Sep 26, 2019, at 2:19 AM, Sharma, Nitin via Freeradius-Users <
> freeradius-users at lists.freeradius.org> wrote:
>     >
>     > Hello Alan,
>     >
>     > Thanks for the response.
>     > I am running latest version of OpenSSL and radius version is 3.0.19.
>     >
>     > openssl-1.0.2k-16.amzn2.1.1.x86_64
>
>     The latest version of OpenSSL 1.1.1d.  The latest version of OpenSSL
> in the 1.0.2 series is now OpenSSL 1.0.2t.
>
>     -Arran
>
>
>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html