Skip to content
This issue has been moved to a discussionGo to the discussion

ESP32 Fails to Connect to Enterprise WiFi (PEAP) Due to TLS 1.0 Incompatibility — WL_NO_SSID_AVAIL Reported #11364

New issue
New issue
Closed
Closed
ESP32 Fails to Connect to Enterprise WiFi (PEAP) Due to TLS 1.0 Incompatibility — WL_NO_SSID_AVAIL Reported#11364
Labels
Type: QuestionOnly question
@Tahir-Innok

Description

@Tahir-Innok
Tahir-Innok
opened on May 14, 2025

Board

ESP32 Dev Module

Device Description

DevKit

Hardware Configuration

NO

Version

latest stable Release (if not listed below)

IDE Name

VSCode

Operating System

Ubuntu

Flash frequency

40MHz

PSRAM enabled

no

Upload speed

115200

Description

I'm attempting to connect an ESP32-based board to an enterprise WiFi network using WPA2-Enterprise with PEAP (Protected EAP) and MSCHAPv2 authentication. However, the connection fails.

The enterprise network supports only TLS 1.0, which is now deprecated and appears to be unsupported by current ESP32 firmware (ESP-IDF / Arduino core).

When initiating a connection, the ESP32 reports a WL_DISCONNECTED status for several seconds, then transitions to WL_NO_SSID_AVAIL, even though the network is visible and broadcasting.

Sketch

status = WiFi.begin(
      network_config.ssid.c_str(),
      WPA2_AUTH_PEAP,
      network_config.identity.c_str(),
      network_config.username.c_str(),
      network_config.password.c_str()
    );

Debug Message

After debugging alittle I understand The TLS version negotiation is handled internally by the ESP-IDF WPA2 Enterprise stack (based on wpa_supplicant), and it uses the highest possible TLS version supported by both the client and server. 

But still my question is it possible to change the TLS version to 1.0 only for WiFi stack. As for my use case its almost impossible to change/upgrade the hardware.

Other Steps to Reproduce

No response

I have checked existing issues, online documentation and the Troubleshooting Guide

  • I confirm I have checked existing issues, online documentation and Troubleshooting guide.

Activity

Tahir-Innok
added
Status: Awaiting triageIssue is waiting for triage
on May 14, 2025
Jason2866
removed
Status: Awaiting triageIssue is waiting for triage
on May 15, 2025
Jason2866

Jason2866 commented on May 15, 2025

@Jason2866
Jason2866
on May 15, 2025
Collaborator

Correct no support for TLS 1.0. If you want to use espressif devices either use older core or updating the wifi hardware is needed.

Jason2866
added
Type: QuestionOnly question
on May 15, 2025
Tahir-Innok

Tahir-Innok commented on May 15, 2025

@Tahir-Innok
Tahir-Innok
on May 15, 2025
Author

Thanks for your response @Jason2866 , can you please share which version/release have the support for TLS1.0.

Jason2866

Jason2866 commented on May 15, 2025

@Jason2866
Jason2866
on May 15, 2025 · edited by Jason2866
Collaborator

Well since TLS 1.0 is long time ago deprecated. Search in very early Arduino versions. I doubt that Arduino core 2.x has support for. You may have luck with core 1.x
There is no support of any kind for this old cores. Support for TLS 1.0 has been removed since it is highly insecure to use. Running it is a security risk.
Edit: Arduino Core 1.0.6 does support TLS 1.0 You can try a core 2.0.x version there is a chance there is still support for TLS 1.0 left.

Jason2866
converted this issue into a discussion #11442 on Jun 6, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Metadata

Assignees

No one assigned

    Labels

    Type: QuestionOnly question

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

      Development

      No branches or pull requests

        Participants

        @Jason2866@Tahir-Innok

        Issue actions
          ESP32 Fails to Connect to Enterprise WiFi (PEAP) Due to TLS 1.0 Incompatibility — WL_NO_SSID_AVAIL Reported · Issue #11364 · espressif/arduino-esp32