How to force TLS 1.0 for wpa_supplicant - EAP
Fri Aug 28 11:33:42 PDT 2009
On Tue, Jul 21, 2009 at 08:40:02AM -0500, Michael Kurecka wrote:
> I'm setting up wpa_supplicant for use as EAP w/ PEAP/MSCHAPv2 and need
> to ensure that at a minimum TLS 1.0 is used rather than SSL 3.0 or
> less. What do I need to change to ensure that and how do I force the
> peap version to be 2 (Is it just phase1="peapver=2")?
You do not need to change anything. EAP-TLS (and PEAP/TTLS/FAST for that
matter) already require TLS 1.0 (or newer). SSL 3.0 won't be used.
Jouni Malinen PGP id EFC895FA
More information about the Hostap