TLS Alert read:fatal:internal error

Alan DeKok aland at
Thu May 27 21:17:56 CEST 2021

On May 27, 2021, at 1:06 PM, Piotr Rudzki <ryba.lodz at> wrote:
> I've strange problem with freeradius. It was working as expected and
> suddenly stopped authenticate wpa2-eap users to active directory.
> I've recreated whole VM with freeradius server without success.
> Same credentials work for ikev2 mschapv2 authentication but not for
> wireless wpa2-eap (android and windows clients). Am I missing something?
> ...
> (9) eap_peap: <<< recv TLS 1.2  [length 0002]
> (9) eap_peap: ERROR: TLS Alert read:fatal:internal error
> (9) eap_peap: TLS_accept: Need to read more data: error
> (9) eap_peap: ERROR: Failed in __FUNCTION__ (SSL_read): error:14094438:SSL
> routines:ssl3_read_bytes:tlsv1 alert internal error

  Try 3.0.22.  It has much better error messages for TLS.

  But the errors are in the TLS layer.  i.e. OpenSSL.  It's very difficult for us to know what to do here.

  Alan DeKok.

More information about the Freeradius-Users mailing list