TLS 1.3 enabled or not?

[dominic.stalder at unibe.ch]

Hi Luca

We have TLS 1.2 / 1.3 allowed and did not have any issues with this so far; deactivated TLS 1.0 / 1.1 about 1.5 months ago:

cipher_list = "ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-CHACHA20-POLY1305 TLS_AES_256_GCM_SHA384"
tls_min_version = "1.2"
tls_max_version = "1.3"

Regards
Dominic

Am 27.09.24, 10:27 schrieb "Freeradius-Users im Auftrag von Luca Borruto via Freeradius-Users" <freeradius-users-bounces+dominic.stalder=unibe.ch at lists.freeradius.org <mailto:unibe.ch at lists.freeradius.org> im Auftrag von freeradius-users at lists.freeradius.org <mailto:freeradius-users at lists.freeradius.org>>:


Hi everyone!


Have you enabled TLS 1.3 in your configuration? I read somewhere it can
cause issues, but we mostly use recent Windows and macOS machines, and I
was wondering if we could benefit from it.
tls_min_version = 1.2
tls_max_version = 1.3


Thanks !
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html <http://www.freeradius.org/list/users.html>