TLS 1.3 Configuration
Alan DeKok
aland at deployingradius.com
Wed Dec 14 15:11:32 UTC 2022
On Dec 14, 2022, at 8:39 AM, Boby Tharappel <bobytharappel.mec at gmail.com> wrote:
> a works, but I'm trying to get Tls 1.3 connections only. Supplicant 2.10
> supports tls 1.3 according to their documentations.
Then it needs to be configured to use TLS 1.3.
We test v3 with TLS 1.3 and wpa_supplicant, but we use a version from git, which works.
> The protocol version doesn't match---> I have a question here, it seems the
> server received a 1.3 handshake, but returned a 1.2 alert? What might be
> causing that?
TLS nonsense. The version in the TLS packets is 1.2... or 1.3... mostly, until it's negotiated. And then the version becomes stable.
So the error is important. The TLS versions printed before that are less useful, and don't really mean much.
Alan DeKok.
More information about the Freeradius-Users
mailing list