[RADIATOR] Androids unable to connect

Ullfig, Roberto Alfredo rullfig at uic.edu
Tue Feb 2 19:11:24 UTC 2021 

Is the problem related to this article?

https://httptoolkit.tech/blog/android-11-trust-ca-certificates/

---
Roberto Ullfig - rullfig at uic.edu
Systems Administrator
Enterprise Applications & Services | Technology Solutions
University of Illinois - Chicago
________________________________
From: radiator <radiator-bounces at lists.open.com.au> on behalf of Ullfig, Roberto Alfredo <rullfig at uic.edu>
Sent: Tuesday, February 2, 2021 12:17 PM
To: radiator at lists.open.com.au <radiator at lists.open.com.au>
Subject: Re: [RADIATOR] Androids unable to connect

Also seeing:

Tue Feb  2 11:35:04 2021: ERR: EAP PEAP TLS Handshake unsuccessful:  7075: 1 - error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca

Does that mean the client doesn't know about our CA?

---
Roberto Ullfig - rullfig at uic.edu
Systems Administrator
Enterprise Applications & Services | Technology Solutions
University of Illinois - Chicago
________________________________
From: radiator <radiator-bounces at lists.open.com.au> on behalf of Ullfig, Roberto Alfredo <rullfig at uic.edu>
Sent: Tuesday, February 2, 2021 11:29 AM
To: radiator at lists.open.com.au <radiator at lists.open.com.au>
Subject: [RADIATOR] Androids unable to connect

Hello, since an Android update (probably in December), their devices can't connect. In the logs I see:

Tue Feb  2 10:48:00 2021: INFO: Using Net::SSLeay 1.55 with SSL/TLS library version 0x1000105f (OpenSSL 1.0.1e-fips 11 Feb 2013)Tue Feb  2 10:48:00 2021: WARNING: Startup check found OpenSSL version 0x1000105f (OpenSSL 1.0.1e-fips 11 Feb 2013) while checking for the Heartbleed (CVE-2014-0160) vulnerability. This version may be vulnerable. See Radiator reference manual for DisabledRuntimeChecks parameter

Tue Feb  2 10:55:54 2021: INFO: Access rejected for xxx: EAP PEAP TLS Handshake unsuccessful
Tue Feb  2 10:56:01 2021: ERR: EAP PEAP TLS Handshake unsuccessful:  7075: 1 - error:14094438:SSL routines:ssl3_read_bytes:tlsv1 alert internal error

are we running an old TLS that Android no longer supports? Thanks!

---
Roberto Ullfig - rullfig at uic.edu
Systems Administrator
Enterprise Applications & Services | Technology Solutions
University of Illinois - Chicago
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.open.com.au/pipermail/radiator/attachments/20210202/dbb15c60/attachment-0001.html>

More information about the radiator mailing list