On 03.03.2020 16:03, Alfred Arnold wrote:
Hi,
Alfred, I'd like to say "thanks" once more.
I tried with newer ciphers and version 1.2 - and now freeradius
(3.0.16) indeed sends me the second
"challenge". So, it's a huge progress.
Indeed, the capture now looks like an EAP-TLS negotiation sho
Hi,
Alfred, I'd like to say "thanks" once more.
I tried with newer ciphers and version 1.2 - and now freeradius (3.0.16)
indeed sends me the second
"challenge". So, it's a huge progress.
Indeed, the capture now looks like an EAP-TLS negotiation should go on.
The server accepted the client
On 02/03/2020 11:28, iilinasi wrote:
> Freeradius (3.0.16, 3.0.20)
Could be this issue:
https://github.com/FreeRADIUS/freeradius-server/issues/2385
"It may be due to the issue fixed in commit fd803c9. 3.0.17 sometimes
complained that TLS 1.3 was unknown, and refused to do TLS 1.3 at all.
That
On 03/03/2020 12:51, iilinasi wrote:
> Alfred, I'd like to say "thanks" once more.
>
> I tried with newer ciphers and version 1.2 - and now freeradius (3.0.16)
> indeed sends me the second "challenge". So, it's a huge progress.
>
> However it still complains on the unknown TLS version. I attac
Alfred, I'd like to say "thanks" once more.
I tried with newer ciphers and version 1.2 - and now freeradius (3.0.16)
indeed sends me the second "challenge". So, it's a huge progress.
However it still complains on the unknown TLS version. I attach the
server log and the packet capture, just in
Thank you Alfred!
Yup, I used old ciphers indeed. I suspect it stops even before checking
them, but I'll add newer ones and let you know.
This is the relevant part of freeradius log, just in case:
--
(1) eap_tls: TLS_accept: before SSL initialization
(1) eap_tls: TLS_accept: before SSL initia
Hi,
I'd like to understand, how does OpenSSL get to the idea of "0304"
version, if there is no such a
byte sequence in the packet...
My question is: how OpenSSL determines the TLS version? How to debug it?
I don't see any TLS 1.3 in the capture as well, but I see that your client
is using on
On 02/03/2020 11:28, iilinasi wrote:
> I'd like to understand, how does OpenSSL get to the idea of "0304"
> version, if there is no such a byte sequence in the packet...
> My question is: how OpenSSL determines the TLS version? How to debug it?
>
Very strange. I have no idea. Looking at the pa
