Not able to block a specific TLS1.3 cipher
Alan DeKok
aland at deployingradius.com
Thu Apr 24 11:42:57 UTC 2025
On Apr 24, 2025, at 7:09 AM, Akhil Pillai <akhilpillai101 at gmail.com> wrote:
>
> Here's an interesting thread that i read in stackoverflow , it mentions
> that the cipher we put under cipher_list is compared by the OpenSSL against
> the tls1.2 ciphers(Which might be true,since i am able to add specific
> tls1.2 ciphers and it works). For tls1.3, they did suggest to use
> tls_ciphersuites within the eap file.
Most of the external web sites / documentation are wrong. At best, that recommendation is a typo or a misunderstanding.
The server comes with FULL documentation for everything it supports. There is no "tls_ciphersuites" configuration. There's just "cipher_list"
Alan DeKok.
More information about the Freeradius-Users
mailing list