#783: WPA-EAP/TLS doesn't work
-----------------------------+----------------------------------------------
Reporter: anonymous | Owner:
Type: defect | Status: new
Priority: major | Milestone:
Component: madwifi: driver | Version:
Keywords: | Patch_attached: 0
-----------------------------+----------------------------------------------
At work i need to connect to a cisco AP with WPA-EAP/TLS. Therefore i have
a PKCS12 certificate. I have split it with openssl:
{{{
openssl pkcs12 -in myname.cert.p12 -nokeys -cacerts -out ca.pem
openssl pkcs12 -in myname.cert.p12 -nokeys -clcerts -out user.pem
openssl pkcs12 -in myname.cert.p12 -nocerts -nodes -out keys.pem
}}}
Than i have set up wpa_supplicant:
{{{
ctrl_interface=/var/run/wpa_supplicant
ctrl_interface_group=0
eapol_version=1
ap_scan=1
fast_reauth=1
network={
ssid="infeap"
scan_ssid=1
key_mgmt=WPA-EAP
pairwise=CCMP TKIP
group=CCMP TKIP
eap=TLS
identity="my-user-id"
ca_cert="/etc/cert/ca.pem"
client_cert="/etc/cert/user.pem"
private_key="/etc/cert/keys.pem"
}
}}}
If i start wpa_supplicant it looks really good but than i get this error
message:
{{{
ifup ath0
Internet Systems Consortium DHCP Client V3.0.3
Copyright 2004-2005 Internet Systems Consortium.
All rights reserved.
Listening on LPF/ath0/00:05:4e:4c:30:45
Sending on LPF/ath0/00:05:4e:4c:30:45
Sending on Socket/fallback
Trying to associate with 00:12:43:48:27:33 (SSID='infeap' freq=2412 MHz)
Associated with 00:12:43:48:27:33
CTRL-EVENT-EAP-STARTED EAP authentication started
OpenSSL: pending error: error:0D07803A:asn1 encoding
routines:ASN1_ITEM_EX_D2I:nested asn1 error
OpenSSL: pending error: error:140C800D:SSL
routines:SSL_use_certificate_file:ASN1 lib
OpenSSL: pending error: error:0D0680A8:asn1 encoding
routines:ASN1_CHECK_TLEN:wrong tag
OpenSSL: pending error: error:0D07803A:asn1 encoding
routines:ASN1_ITEM_EX_D2I:nested asn1 error
OpenSSL: pending error: error:0D09A00D:asn1 encoding
routines:d2i_PrivateKey:ASN1 lib
OpenSSL: pending error: error:140CB00D:SSL
routines:SSL_use_PrivateKey_file:ASN1 lib
CTRL-EVENT-EAP-METHOD EAP method 13 (TLS) selected
CTRL-EVENT-EAP-SUCCESS EAP authentication completed successfully
ioctl[SIOCSIWENCODEEXT]: Operation not supported
WPA: Key negotiation completed with 00:12:43:48:27:33 [PTK=TKIP GTK=WEP-
104]
CTRL-EVENT-CONNECTED - Connection to 00:12:43:48:27:33 completed (auth)
ioctl[SIOCSIWENCODEEXT]: Operation not supported
WPA: Group rekeying completed with 00:12:43:48:27:33 [GTK=WEP-104]
CTRL-EVENT-DISCONNECTED - Disconnect event - remove keys
}}}
I don't know the exact version of the driver. About one month ago i have
tried it with cvs head from cvs.sourceforge.net:/cvsroot/madwifi now i'm
using madwifi-ng from the linux-restricted-modules-2.6.15-23-386 form
Ubuntu Dapper.
--
Ticket URL: <http://madwifi.org/ticket/783>
MadWifi <http://madwifi.org/>
Multiband Atheros Driver for Wireless Fidelity-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys -- and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
Madwifi-tickets mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/madwifi-tickets
