[prev in list] [next in list] [prev in thread] [next in thread] 

List:       freeradius-users
Subject:    Re: TLS version mismatch EAP TLS
From:       Alan DeKok <aland () deployingradius ! com>
Date:       2021-04-16 13:05:47
Message-ID: 90AC3B7D-59E0-4ECD-AEBE-DE1370C8D36F () deployingradius ! com
[Download RAW message or body]

On Apr 16, 2021, at 8:50 AM, De Sylvain <starzzzzzz23@gmail.com> wrote:
> Accros few link(show below) I understood that TLS 1.3 was not correctly
> supported on freeradius.

  No.

  The previous messages I posted about this are very clear.

  THERE IS NO STANDARD FOR USING TLS 1.3 WITH EAP.  THE STANDARD DOES NOT EXIST.  \
THEREFORE NO ONE SHOULD USE TLS 1.3 WITH EAP.

  It is wrong to say the "TLS 1.3 is not correctly supported on FreeRADIUS".   It is \
correct to say that EAP-TLS does not support TLS 1.3.

> I have the same issue like this post #3665
> <https://github.com/FreeRADIUS/freeradius-server/issues/3665> However my
> window client is correctly configured and it do no use tls version 1.3.

  No.  It's still doing TLS 1.3.  FreeRADIUS isn't lying to you.

  http://lists.freeradius.org/pipermail/freeradius-users/2020-November/099104.html

  This has all been discussed before on the mailing list, and on GitHub where it \
looks like you posted this same question.  The answer hasn't changed.

  Configure "cipher_list" as noted there, and by Jochem.  Or, use the v3.0.x branch \
from GitHub.

  Alan DeKok.


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html


[prev in list] [next in list] [prev in thread] [next in thread]