RADSEC / TLS errors but not sure why
James Wood
james.wood at purplewifi.com
Tue Aug 8 20:00:38 UTC 2023
Just wanted to provide an update on this.
I rebuilt the server, did a fresh install of openssl 3.0.2 and libssl-dev
(same version) and it started working with the same certs.
After comparing the two, it appears that when freeradius was compiled, it
chose an old openssl 1.x library and wasn't actually using the correct one
at all. I don't know how that old version was on the box at time of compile
(as well as 3.0.2) but once I'd removed 1.x and compiled again, it began
working on the server.
This was also why, when manually launching a server using openssl s_server
with the cert, because that was using 3.0.2 it was good.
The client didn't change in any way, so it was 100% this.
Thanks for the explanation and help. I've learnt something from this.
James
More information about the Freeradius-Users
mailing list