RADSEC / TLS errors but not sure why

Alan DeKok aland at deployingradius.com
Mon Aug 7 16:52:16 UTC 2023


On Aug 7, 2023, at 12:18 PM, James Wood via Freeradius-Users <freeradius-users at lists.freeradius.org> wrote:
> The thing is, I am using the same Openroaming issued certificate as
> other RADSEC providers.

  That doesn't matter.  I've suggested multiple times what you can do to help track down the issue.

> But when querying my server using the same CA issued certificate:
> 
> CONNECTED(00000003)
> 140245345748288:error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert
> handshake failure:ssl/record/rec_layer_s3.c:1555:SSL alert number 40
> ---
> no peer certificate available
> ---
> No client certificate CA names sent

  Which is a different error.  And therefore unrelated to the original "no shared cipher suite" message.

  You're trying to fix the problem by trying random things.  And, by looking at unrelated systems with different configurations.

a) ask one of the other systems how they configured FreeRADIUS, and then do the same thing yourself.

b) follow the suggestions given here for tracking the problem down.

  Pick one.

  There is no option:

c) ignore all of the advice on the list, and instead try a bunch of random other things

  Alan DeKok.



More information about the Freeradius-Users mailing list