Recently Debian upgraded the minimum protocol version for TLS to TLSv1.2 and things broke. I’m not pointing my finger but the screen of my pc is not filled with kittens so this is obvioulsy a problem.
The eduroam network at my uni is “old-fashioned” and does not support anything newer than TLSv1.1 so how I am getting back on the internet? I miss dank memes and cats already.
In an amazing feat of patience I scoured the internet for solutions
- hold back the libssl1.1 package until things are not broke anymore (AHAHAH)
- change the minimum TLS protocol version system wide (urgh)
- find a way to provide wpa_supplicant with the TLS protocol to use
Obviously it was not clear if option 3 could be the solution or even if it was at all implemented. Moreover I don’t directly use wpa_supplicant but rely on NetworkManager so it was definitely less than clear what would have to happen.
We have to specify this
phase1="tls_disable_tlsv1_2=1" in the configuration
that wpa_supplicant will receive but I don’t want to leave the comfort area
Obviously the option is not available from the NetworkManager UI in Gnome but this will not set us back, dank memes and cats are out there!
DAMMIT! I still can’t connect but openssl is not screaming at me anymore. Time to talk to the technical service, please send photos of kittens and dank memes by slow-mail.