EAP-TLS server issue

Jouni Malinen j at w1.fi
Mon Apr 11 15:53:18 EDT 2011

On Wed, Apr 06, 2011 at 01:17:34AM +0000, 彦 张 wrote:
> the hostapd version I used is 0.6.9, and the version of openssl is 0.9.8i, and How can I confirm if the SHA256 is enable or not?

hostapd 0.6.9 does not enforce SHA256 to be enabled as a digest algorithm
in OpenSSL (this was added in 0.6.10) and as such, this behavior depends
on OpenSSL. I do not remember when this changed, but it is possible that
0.9.8i does not enable SHA256 automatically.

> But I'm confuzed that the freeradius 2.1.6 combined with the openssl 0.9.8i is ok for the eap-tls.

FreeRADIUS 2.1.6 has the same code that was added in 0.6.10 to enforce
SHA256 support in OpenSSL.

Jouni Malinen                                            PGP id EFC895FA

More information about the HostAP mailing list