EAP-TLS server issue

Jouni Malinen j
Mon Apr 11 12:53:18 PDT 2011

On Wed, Apr 06, 2011 at 01:17:34AM +0000, ? ? wrote:
> the hostapd version I used is 0.6.9, and the version of openssl is 0.9.8i, and How can I confirm if the SHA256 is enable or not?

hostapd 0.6.9 does not enforce SHA256 to be enabled as a digest algorithm
in OpenSSL (this was added in 0.6.10) and as such, this behavior depends
on OpenSSL. I do not remember when this changed, but it is possible that
0.9.8i does not enable SHA256 automatically.

> But I'm confuzed that the freeradius 2.1.6 combined with the openssl 0.9.8i is ok for the eap-tls.

FreeRADIUS 2.1.6 has the same code that was added in 0.6.10 to enforce
SHA256 support in OpenSSL.

Jouni Malinen                                            PGP id EFC895FA

More information about the Hostap mailing list