TLS 1.3 Configuration

Alan DeKok aland at
Wed Dec 14 12:58:54 UTC 2022

On Dec 14, 2022, at 2:09 AM, Boby Tharappel <bobytharappel.mec at> wrote:
> I'm trying to do an EAP TLS connection with TLS 1.3
> Device is running wpa_supplicant V 2.10 and openssl 1.1.1q.

  I'm not sure wpa_supplicant 2.10 supports TLS 1.3
> (9) eap_tls: (TLS) send TLS 1.2 Alert, fatal protocol_version
> (9) eap_tls: ERROR: (TLS) Alert write:fatal:protocol version

  That seems pretty clear.  The protocol versions don't match.

a) allow TLS 1.2 in FreeRADIUS

b) force wpa_supplicant 2.10 to use TLS 1.3

c) upgrade wpa_supplicant to a version (from git) which supports TL 1.3.

  Pick one.  (b) might not work, but (a) or (c) definitely work

  Alan DeKok.

More information about the Freeradius-Users mailing list