See also https://bugzilla.redhat.com/show_bug.cgi?id=2069239. For those
that have this problem with the "0A0C0103:SSL routines::internal error"
message, check whether your radius server possibly only supports TLS 1.1
or older. Those servers would default to rsa_pkcs1_md5_sha1 as TLS
signature
Whoops -- actually, my enterprise network was a university's main wifi
(wpa.mcgill.ca), not eduroam. I propose to generalize the title of this
bug by dropping eduroam or changing it to (e.g. eduroam)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is
On a Thinkpad X230 I had this problem after upgrading to 22.04.
The recipe in comment 23 by nfalse solved the problem for me.
Thank you (though this is only a temporary workaround, given its use of
"UnsafeLegacyRenegotiation")
--
You received this bug notification because you are a member of
I recently upgraded to 22.04 on a fresh install and ran into this bug. I
am a network administrator at my work and was able to determine on the
authentication server was seeing TLS related errors.
I made the changes supplied by user nfalse and was able to connect right
away.
I am willing to test
I am facing a similar problem after upgrading my Laptop from 21.10 to
22.04. I lost Wifi during the upgrade process, which also meant that
refreshing the snap packages failed. But I was unable to connect to my
Wifi again, even after reboot. I have a Unifi network set up for WPA
enterprise, using a
I use the following method to bypass this bugļ¼
1. create openssl.cnf for wpa_supplicant
- sudo cp /etc/ssl/openssl.cnf /etc/wpa_supplicant/
- motify /etc/wpa_supplicant/openssl.cnf
*** /etc/ssl/openssl.cnfFri Apr 22 14:54:42 2022
--- /etc/wpa_supplicant/openssl.cnf Fri Apr 22 14:55:22
FWIW my university's support team replied that they don't support Linux
devices but they would forward my message to the network team. I haven't
heard anything since.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
@seb128
Sorry if that sounded browbeating. My response is more like
"unfortunate, but understandable". Someone has to be first, even if
MS/Apple seem OK to leave it working.
Thanks for finding the Fedora info. I had just wondered about other
distros. Looks like the other bug they link to is a
Internet also suggests other recent distributions will have the same
issue, https://ask.fedoraproject.org/t/cannot-connect-to-
wpa2-enterprise-university-wifi-on-fedora-36 for example
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
@Hans, fair enough. Googling for that error the first result here is
https://www.ibm.com/mysupport/s/question/0D50z62ktWGCAY/why-ssl-handshake-fails-with-unsafe-legacy-renegotiation-disabled
which states
'This error means that the SSL server does not support the Renegotiation
Indication
I won't attach a full system log of my work machine. I can confirm
however that I get the same "wpa_supplicant[3600]: OpenSSL:
openssl_handshake - SSL_connect error:0A000152:SSL routines::unsafe
legacy renegotiation disabled" error, even without the -d flag.
--
You received this bug notification
@Hans, you should probably open a new bug with a debug log attach as
described in comment #6 so we can ensure it's the same issue you are
seeing
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1958267
I've opened a ticket with my University's IT dept with the suggestion.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1958267
Title:
"Connection failed" for WPA Enterprise network eduroam
To manage
@Sebastian, I have this issue with the EAP-TLS protected network of at
work, its not eduroam. I'll see if I can reach any of the network
admins.
However, I doubt that the servers are configured to use insecure
methods; there were lots of security related changes done in the past
year to the wifi
@Hans, @Alexander, could any of you contact one of the eduroam admins to
report the issue? Ideally they would just fix their servers, currently
the fact that it works under windows doesn't resolve the fact that they
are using an insecure configuration and should be fixed
--
You received this bug
The workaround also does work for me. (For the record, I appended those
lines at the end of the config file.)
I see the openssl bug is marked wontfix. I think this is unfortunate,
since it means that eduroam (maybe poorly configured, but still) will
work out of the box for Windows and Mac (and
I can confirm that using this workaround and restarting wpa supplicant
solved the connection issues for me:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1963834/comments/7
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
** Tags removed: rls-jj-incoming
** Also affects: wpa (Ubuntu Jammy)
Importance: High
Assignee: Sebastien Bacher (seb128)
Status: New
** Changed in: wpa (Ubuntu Jammy)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs,
The unsafe legacy disabled suggests it could be bug #1963834 and a
choice from upstream openssl to disable unsafe servers, maybe that's
something the eduroam admins need to sort out?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
bug #1962541 seems a bit similar though the log here includes
> OpenSSL: openssl_handshake - SSL_connect error:0A000152:SSL
routines::unsafe legacy renegotiation disabled
I've reported it upstream now on
http://lists.infradead.org/pipermail/hostap/2022-March/040305.html
** Tags added: openssl3
Jeremy pointed out https://bugs.debian.org/cgi-
bin/bugreport.cgi?bug=1003907 which could be similar
** Changed in: wpa (Ubuntu)
Assignee: (unassigned) => Sebastien Bacher (seb128)
** Bug watch added: Debian Bug tracker #1003907
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1003907
** Changed in: wpa (Ubuntu)
Status: Incomplete => New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1958267
Title:
"Connection failed" for WPA Enterprise network eduroam
To manage
Eduroam is a WPA2 Enterprise network. It supported different EAP methods
(https://wiki.geant.org/pages/viewpage.action?pageId=121346284):
- EAP TTLS-PAP
- PEAP
- EAP TLS
- EAP-pwd
I always use the default option selected in Ubuntu Wi-Fi Settings, which
is labeled "Tunneled TLS". But I
Thank you for your bug report, do you have details on what sort of
configuration and security options is eduroam using?
Could you edit /lib/systemd/system/wpa_supplicant.service to add a '-d'
to the ExecStart cmd, restart, try to connect and share the 'journalctl
-b 0' log from the system?
**
This bug has been reported on the Ubuntu ISO testing tracker.
A list of all reports related to this bug can be found here:
http://iso.qa.ubuntu.com/qatracker/reports/bugs/1958267
** Tags added: iso-testing
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is
Getting the same issue using Qualcomm Atheros modem on WPA university
WLAN network. Confirmed that same settings and hardware work fine with
Ubuntu 21.10.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: wpa (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1958267
Title:
Still an issue with the new wpasupplicant 2:2.10-2 package.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1958267
Title:
"Connection failed" for WPA Enterprise network eduroam
To manage
28 matches
Mail list logo