[EXT] TLS 1.3
Matthew Newton
mcn at freeradius.org
Wed Jun 9 21:23:15 CEST 2021
On 04/06/2021 10:40, HERCEK, Marián wrote:
> I had to downgrade to 3.0.21 where old devices work.
>
> I've tried config from 3.0.21 with 3.0.22 binary - didn't work.
> I've tried config shipped with 3.0.22 binary - didn't work.
> I've tried numerous config changes suggested on internet and here - didn't work.
>
> I've tried 3.0.21 binary with backuped 3.0.21 config - it works.
I've tested this.
In raddb/mods-enabled/eap "tls-config tls-common" section, set:
tls_min_version = 1.0
tls_max_version = 1.2
cipher_list = "DEFAULT at SECLEVEL=1"
Then it works.
--
Matthew
More information about the Freeradius-Users
mailing list