I'm not sure it's really solved. If I try to connect with a fresh setup from the network manager gui, it works but /var/log/wpa_supplicant.log contains:
CTRL-EVENT-SCAN-RESULTS Associated with 00:1e:be:a7:f6:90 CTRL-EVENT-EAP-STARTED EAP authentication started CTRL-EVENT-EAP-METHOD EAP vendor 0 method 21 (TTLS) selected OpenSSL: tls_connection_handshake - Failed to read possible Application Data error:00000000:lib(0):func(0):reason(0) CTRL-EVENT-EAP-SUCCESS EAP authentication completed successfully WPA: Key negotiation completed with 00:1e:be:a7:f6:90 [PTK=TKIP GTK=TKIP] CTRL-EVENT-CONNECTED - Connection to 00:1e:be:a7:f6:90 completed (reauth) [id=0 id_str=] So it seems it didn't succeed to validate the certificate... but it continues (dangerous) If I try to update the settings, it doesn't work because of a self- certificate in the certificate chain: Associated with 00:1e:be:a8:38:20 CTRL-EVENT-SCAN-RESULTS CTRL-EVENT-EAP-STARTED EAP authentication started CTRL-EVENT-EAP-METHOD EAP vendor 0 method 21 (TTLS) selected TLS: Certificate verification failed, error 19 (self signed certificate in certificate chain) depth 2 for '/C=US/O=GTE Corporation/OU=GTE CyberTrust Solutions, Inc./CN=GTE CyberTrust Global Root' SSL: SSL3 alert: write (local SSL3 detected an error):fatal:unknown CA OpenSSL: tls_connection_handshake - SSL_connect error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed CTRL-EVENT-EAP-FAILURE EAP authentication failed CTRL-EVENT-DISCONNECTED - Disconnect event - remove keys So my hypothesis is that we have two bugs: - one with no validation of certificate when settings are new - one with strange validation of root certificate (of course it's a self certfiicate ! ;-) -- NM doesnt allow to configure phase2 certificate for wpasupplicant (Was: Fail to connect with TLS and client certificate) https://bugs.launchpad.net/bugs/284409 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
