Hi Vishal,
On 20/10/21 13:34, Vishal Sinha wrote:
Hi Matt
The certificate is not large as such. But since it's a chain, the
overall size crosses 4k. We used BIO_set_write_buffer_size() API to
increase the size from 4k to 8k of the BIO buffer in SSL context.
just out of curiosity: does this issue occur with pppd with EAP-TLS
support (which I originally added) ? if so, which version of the pppd
code are you using or which version of the ppp-eap-tls patch?
If you *are* using pppd to do the EAP-TLS handshake then let me try to
replicate your particular issue.
HTH,
JJK
On Wed, Oct 20, 2021 at 3:26 PM Vishal Sinha <vishals1...@gmail.com
<mailto:vishals1...@gmail.com>> wrote:
Hi
We are using openssl 1.1.1c version on our client and server.
Client and Server are doing EAP-TLS authentication using
certificates which are more than 4k in size (using 1 root CA and 2
intermediate CAs). We noticed that the server is not able to
handle it gracefully due to insufficient buffer size during SSL
handshake and hence authentication fails. To solve this issue, we
increased the buffer size to 8k programmatically and
authentication passed. Is there any other way to solve this problem?
Regards
Vishal