Yes, that would be the right thing to do. Unfortunately, I'm not certain I can get those RPM's again. I think I'm going to have to get it working with the current versions.
as you want. i'm sure, the version exists somewhere at openssl.org (no rpm but the sources).
For more background, I am using a Windows XP supplicant with DLink hardware, configured per the instructions in http://www.impossiblereflex.com/8021x/eap-tls-HOWTO.htm. I have the following OpenSSL RPM's installed on my Redhat 8.0 box: openssl-perl-0.9.7a-1 openssl096b-0.9.6b-3 openssl096-0.9.6-15 openssl095a-0.9.5a-19 openssl-devel-0.9.7a-1 openssl-0.9.7a-1
you *should* have at least devel version of 0.9.7beta. former it always was the newer the better.
Here are selected parts from my radius log (there is more, but it all looks very similar):
the only problem i see is the following:
TLS_accept: SSLv3 write certificate request A TLS_accept: SSLv3 flush data TLS_accept:error in SSLv3 read client certificate A rlm_eap_tls: SSL_read Error Error code is ..... 2 SSL Error ..... 2
perhaps you should regenerate your Certificates using the same OpenSSL version which you are using in FR.
ciao artur
-- Artur Hecker D�partement Informatique et R�seaux, ENST Paris http://www.infres.enst.fr/~hecker
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
