wpa_supplicant + hostapd + RADIUS --> NO WPA/RSN IE

Jouni Malinen jkmaline
Mon Feb 6 18:32:20 PST 2006


On Mon, Feb 06, 2006 at 07:21:20PM -0500, Andrea G Forte wrote:

> *OpenSSL: tls_connection_private_key - SSL_use_PrivateKey_File (DER) 
> failed error:140CB07C:SSL routines:SSL_use_PrivateKey_file:bad ssl filetype*
> *OpenSSL: tls_connection_private_key - SSL_use_PrivateKey_File (PEM) 
> failed error:0906D06C:PEM routines:PEM_read_bio:no start line*
> TLS: Successfully parsed PKCS12 file 

> It seems that even though I have set cert-clt.p12 file in the wpa config 
> file, the application still says to openssl to look for .der and .pem 
> files and only *after* it looks in the correct file (p12). Shouldn't it 
> be the opposite? Shouldn't wpa_supplicant tell to check the p12 file 
> first as specified in the config file and if it does not find it then 
> look in the other files?

That's by design. Nothing in the configuration is specifying the used
file format and wpa_supplicant just tries to parse it in different
formats until one of the attempts returns success (or all fail). PKCS#12
just happens to be after DER and PEM key formats in this list of things
to try.

-- 
Jouni Malinen                                            PGP id EFC895FA




More information about the Hostap mailing list