Can't connec to PEAP anymore on current Ubuntu (2.10 built with openssl3)

Sebastien Bacher seb128 at
Thu Mar 17 03:50:02 PDT 2022

We also have another report about connecting to  eduroam failing,

The log from that one, 

SSL: SSL3 alert: write (local SSL3 detected an error):fatal:handshake 
EAP: Status notification: local TLS alert (param=handshake failure)
SSL: (where=0x1002 ret=0xffffffff)
SSL: SSL_connect:error in error
OpenSSL: openssl_handshake - SSL_connect error:0A000152:SSL 
routines::unsafe legacy renegotiation disabled
SSL: 7 bytes pending from ssl_out
SSL: Using TLS version TLSv1.2
SSL: Failed - tls_out available to report error (len=7)
SSL: 7 bytes left to be sent out (of total 7 bytes)
EAP-PEAP: TLS processing failed

Sebastien Bacher

Le 17/03/2022 à 11:44, Sebastien Bacher a écrit :
> Hey there,
> Ubuntu switched to openssl3 by default for its incoming LTS and we 
> started received reports that connect to PEAP wifis isn't working for 
> some users. Our version of wpa is 2.10
> One such report, 
> The wpa is coming from Debian without change and an user reported that 
> installing the Debian build (which is still using openssl1) doesn't 
> have the issue
> The log has those errors
> wpa_supplicant[648]: SSL: SSL3 alert: write (local SSL3 detected an 
> error):fatal:internal error
> wpa_supplicant[648]: OpenSSL: openssl_handshake - SSL_connect 
> error:0A0C0103:SSL routines::internal error
> wpa_supplicant[648]: wlp4s0: CTRL-EVENT-EAP-FAILURE EAP authentication 
> failed
> A debug log is available on 
> Thanks,
> Sebastien Bacher

More information about the Hostap mailing list