freeradius - TLS1.3 support
Akhil Pillai
akhilpillai101 at gmail.com
Wed Feb 19 08:23:01 UTC 2025
I tried with tls 1.2 and it works fine. And with the same client, i tried
tls1.3 using a wired connection, it worked fine there as well. Only when i
am trying to authenticate it using wireless , its failing.
On Fri, 14 Feb 2025 at 22:00, Alan DeKok <aland at deployingradius.com> wrote:
> On Feb 14, 2025, at 10:53 AM, Akhil Pillai <akhilpillai101 at gmail.com>
> wrote:
> > This one should have the whole debug out i think.
>
> Thanks.
>
> From looking at it, I suspect that the issue is the client doesn't
> support TLS 1.3.
>
> In general, it's best to start debugging with the TLS configuration as
> wide open as possible. Allow TLS 1.1, 1.2, all ciphers suites, etc. Then
> test it, and gradually make it more secure.
>
> That way if it stops working, you know exactly what change make it stop
> working.
>
> The problem with just mashing all of the TLS configuration at the same
> time is that you have no idea whether TLS works at all, or which part of
> the changes made it stop working.
>
> Alan DeKok.
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
More information about the Freeradius-Users
mailing list