The EAP configs in Network-Manager map to the same in WPA_Supplicant so man wpa_supplicant.conf would provide some information. Additionally Network-Manager isn't doing anything unusual or special so specific documentation regarding the various EAP wouldn't really be exceptionally helpful except in cases where the field names chosen don't correspond to what other supplicants have chosen but in my experience they match in most cases. I was able to configure PEAP on Network Manager as easily as I configured it on Odyssey and I suspect that in enterprise deployments the admin's will document this all for the users and not require them to guess at the fields.
To answer your specific questions, I assume that you are using EAP-TLS. When you generate a cert for a user you generate a public and private key. The cert itself is the public key (the pem file). The Private key password is only needed if you created the private key with a password or passphrase (This is recommended by the way so the loss of the private key doesn't compromise anything else). So you need to private key, but not necessarily the passphrase. The private key is used to encrypt the data and the public key is passed to the server so that it can use it to decrypt the data. The reason you don't need the private key on windows is because that key is stored withing the windows certificate store. If you need more background on that specific area there is a wealth of information available on PKI and I can provide you with some great links. >From then on the transaction occurs just like any other PKI transactions, the private key is used to encrypt the data and the public key is exchanged between the two to decrypt the data. This connection is used to exchange dynamic WEP or WPA keys and the Wireless connection is brought up. Does that help answer your question? On 8/26/06, Nolan Garrett <[EMAIL PROTECTED]> wrote: > Nolan Garrett wrote: > > Hello! > > > > I am running FC5, and NetworkManager on the IPW2200 drivers (2915 card, > > actually). > > > > My wireless network uses client certificates, where it authenticates > > through the AP using EAP to a W2K3 DC. Each user has a certificate. I > > am encrypting with TKIP. > > > > How can I get NetworkManager to work? I've given it the certificate, > > but I don't necessarily understand what all of the fields do for WPA > > Enterprise mode. What's the difference between Client Certificate and > > Private Key? > > > > Any tips and setting this up would be great! > > > > Thanks! > > > > Nolan > > > > > > > > ------------------------------------------------------------------------ > > > > _______________________________________________ > > NetworkManager-list mailing list > > [email protected] > > http://mail.gnome.org/mailman/listinfo/networkmanager-list > > Has no one attempted 802.1x authentication via wireless with > NetworkManager? Or am I just too dumb to make it work? Even a > reference to a page describing how to would be fine - I just can't > Google anything. > > Nolan > > > > _______________________________________________ > NetworkManager-list mailing list > [email protected] > http://mail.gnome.org/mailman/listinfo/networkmanager-list > > > > _______________________________________________ NetworkManager-list mailing list [email protected] http://mail.gnome.org/mailman/listinfo/networkmanager-list
