Regarding PEAP wpa_supplicant interoperability

Jouni Malinen jkmaline
Mon Apr 4 19:07:32 PDT 2005

On Mon, Apr 04, 2005 at 12:46:31AM -0700, J I wrote:

>         I tested without configuring the ca_cert in wpa_supplicant.cnf file , any how it successfully completed phase 1 and entered phase 2 authentication ( PEAP ), but after the APPLICATION DATA handshake it failed to proceed further. Is it the problem with IAS server configuration ? Can any one help me in this regard .

Please send debug log from wpa_supplicant showing this issue.

>          In my case if i configure the server certificate in wpa_supplicant it is not identifying the issuer of the certificate, is this happening since IAS server i am using is in differant domain ? 

What kind of certificate hierarchy are you using? Which certificate are
you configuring in wpa_supplicant and how (which configuration
variable)? If that "server certificate" is refering to the certificate
that IAS is using, it should not be configured in wpa_supplicant.conf.
ca_cert should be pointing to a CA certificate that signed the server
certificate or in case of more complex certificate hierarchy, a higher
level CA certificate could be better option.

Jouni Malinen                                            PGP id EFC895FA

More information about the Hostap mailing list