[prev in list] [next in list] [prev in thread] [next in thread]
List: freeradius-users
Subject: Re: TLS version mismatch EAP TLS
From: Alan DeKok <aland () deployingradius ! com>
Date: 2021-04-16 13:05:47
Message-ID: 90AC3B7D-59E0-4ECD-AEBE-DE1370C8D36F () deployingradius ! com
[Download RAW message or body]
On Apr 16, 2021, at 8:50 AM, De Sylvain <starzzzzzz23@gmail.com> wrote:
> Accros few link(show below) I understood that TLS 1.3 was not correctly
> supported on freeradius.
No.
The previous messages I posted about this are very clear.
THERE IS NO STANDARD FOR USING TLS 1.3 WITH EAP. THE STANDARD DOES NOT EXIST. \
THEREFORE NO ONE SHOULD USE TLS 1.3 WITH EAP.
It is wrong to say the "TLS 1.3 is not correctly supported on FreeRADIUS". It is \
correct to say that EAP-TLS does not support TLS 1.3.
> I have the same issue like this post #3665
> <https://github.com/FreeRADIUS/freeradius-server/issues/3665> However my
> window client is correctly configured and it do no use tls version 1.3.
No. It's still doing TLS 1.3. FreeRADIUS isn't lying to you.
http://lists.freeradius.org/pipermail/freeradius-users/2020-November/099104.html
This has all been discussed before on the mailing list, and on GitHub where it \
looks like you posted this same question. The answer hasn't changed.
Configure "cipher_list" as noted there, and by Jochem. Or, use the v3.0.x branch \
from GitHub.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic