Hi All, My client is a windows XP and Freeradius version is 3.0.15 and openssl version is [OpenSSL 1.0.1t 3 May 2016 (Library: OpenSSL 1.0.2k 26 Jan 2017)] The client sends these cipher suites to the server in auth request
Cipher Suite: TLS_RSA_WITH_RC4_128_MD5 (0x0004) Cipher Suite: TLS_RSA_WITH_RC4_128_SHA (0x0005) Cipher Suite: TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x000a) Cipher Suite: TLS_RSA_WITH_DES_CBC_SHA (0x0009) Cipher Suite: TLS_RSA_EXPORT1024_WITH_RC4_56_SHA (0x0064) Cipher Suite: TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA (0x0062) Cipher Suite: TLS_RSA_EXPORT_WITH_RC4_40_MD5 (0x0003) Cipher Suite: TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 (0x0006) Cipher Suite: TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA (0x0013) Cipher Suite: TLS_DHE_DSS_WITH_DES_CBC_SHA (0x0012) Cipher Suite: TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA (0x0063) but I get a no shared cipher error and handshake fails. My understanding is quite limited on this issue but I've tried to set cipher_list = "DEFAULT" and "ALL:!EXPORT:!eNULL:!SSLv2" in eap.conf but nothing seems to work, I get the same no cipher issue. Assuming FreeRadius gets its ciphers from Openssl, is there a way I can make openssl to include the above keys in its cipher list? I tried to update these ciphers on the client but I couldn't find anything on google. I would appreciate if anyone can help in this regard. Many Thanks Ali
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
