EAP-TLS, whether we should provide password or not?
Chuck Tuffli
CTuffli
Fri Dec 28 06:13:55 PST 2007
> -----Original Message-----
> From: hostap-bounces+ctuffli=dspg.com at shmoo.com
> [mailto:hostap-bounces+ctuffli=dspg.com at shmoo.com] On Behalf
> Of Raghavendra. S
> Sent: Thursday, December 27, 2007 10:56 PM
> To: hostap at shmoo.com
> Subject: EAP-TLS, whether we should provide password or not?
>
> Hi All,
>
> I have following configuration for EAP-TLS.
>
> ---------------------------------start------------------------
----------------------------
> ctrl_interface=/var/run/wpa_supplicant
> ap_scan=1
> fast_reauth=1
> eapol_version=1
>
> network={
> ssid="3Com"
> proto=WPA
> scan_ssid=1
> key_mgmt=WPA-EAP IEEE8021X
> pairwise=CCMP TKIP
> group=CCMP TKIP
> eap=TLS
> identity="jbibe"
> ca_cert="/mnt/nfs/certs/root.pem"
> client_cert="/mnt/nfs/certs/cert-clt.pem"
> private_key="/mnt/nfs/certs/cert-clt.pem"
> private_key_passwd="whatever"
> }
This looks pretty similar to something I used for testing. The below
seemed like the bare minimum I needed to get a Proxim + FreeRADIUS
working with TLS.
network={
ssid="myssid"
# 802.1X
key_mgmt=WPA-EAP
proto=RSN
eap=TLS
ca_cert="/certs/wifi_ca_cert.pem"
client_cert="/certs/client_keycert.pem"
private_key="/certs/client_keycert.pem"
private_key_passwd="whatever"
identity="root"
}
---chuck
More information about the Hostap
mailing list