Le 03/10/2018 à 16:35, Dominik George a écrit : > >> I tried to add "phase1="tls_disable_tlsv1_2=1"" (see below the complete >> wpa_supplicant configuration. > That leaves you with only TLS 1.3, then ;).
Ok :-) > You probably want to set tls_disable_tlsv1_1=0 instead, but I did not try > (because please update the RADIUS server). I tried this. With tls_disable_tlsv1_1=0 I have the alert (with no working connexion): SSL: SSL3 alert: write (local SSL3 detected an error):fatal:protocol version OpenSSL: openssl_handshake - SSL_connect error:1425F102:SSL routines:ssl_choose_client_version:unsupported protocol wlp3s0: CTRL-EVENT-EAP-FAILURE EAP authentication failed Anyway, it seems the TLS version is not the issue here. Indeed, I tried also to downgrade openssl to the stable version (I use sid). After that, wpa_supplicant can connect. So the problem is a bug from openssl 1.1.1-1. I didn't see this before because network-manager was not able to connect the first time I tried to downgrade openssl. But wpa_supplicant does and now network-manager does so I probably misconfigured nm the first time. Thanks for the help
