TLS 1.3 Configuration
Marek Zarychta
zarychtam at plan-b.pwste.edu.pl
Wed Dec 14 16:55:58 UTC 2022
W dniu 14.12.2022 o 17:03, Marek Zarychta pisze:
> W dniu 14.12.2022 o 16:11, Alan DeKok pisze:
>> On Dec 14, 2022, at 8:39 AM, Boby
>> Tharappel<bobytharappel.mec at gmail.com> wrote:
>>> a works, but I'm trying to get Tls 1.3 connections only. Supplicant
>>> 2.10
>>> supports tls 1.3 according to their documentations.
>> Then it needs to be configured to use TLS 1.3.
>
> To make TLS 1.3 working with wpa_supplicnant v2.10 it has to be
> explicitly enabled; wpa_supplicant.conf must include:
>
> |phase1="tls_disable_tlsv1_3=0"|
>
>>> The protocol version doesn't match---> I have a question here, it
>>> seems the
>>> server received a 1.3 handshake, but returned a 1.2 alert? What
>>> might be
>>> causing that?
>
>>> (9) eap_tls: (TLS) recv TLS 1.3 Handshake, ClientHello
>>>
> From my experience the server is always replying this way when it's
> configured to support TLS 1.3.
I wasn't clear. Not replying, but logging TLS 1.2 client handshake as
TLS 1.3 attempt.
--
Marek Zarychta
More information about the Freeradius-Users
mailing list