Page MenuHomeVyOS Platform

EAP-TLS no longer allows TLSv1.0 after T4537, T4584
Closed, ResolvedPublicBUG


My ISP's fiber ONT requires EAP-TLS with TLSv1.0 and it seems this stopped working after the wpa_supplicant upgrade for T4537 and T4584.

I suspect this is because Debian patches are currently being removed:

and Debian has a patch that allows TLSv1.0 by default:

Would it be possible to have the custom hostap package build include that specific patch?


Difficulty level
Normal (likely a few hours)
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Perfectly compatible
Issue type
Bug (incorrect behavior)