Internal TLS/crypto in wpa supplicant

Mahendra Prajapat mahendra.p
Mon Jan 7 20:47:31 PST 2008


Dear Jouni,
Thanx a lot for your support.
I m still facing problem with internal TLS/crypto.Presently I am getting
following errors at client side:
 
TLSv1: Converting PEM format certificate into DER format
X509: Version X.509v3
X509: serialNumber 1476335890
X509: issuer C=IN, ST=Karnataka, L=Bangalore, O=SAMSUNG, OU=SISO,
CN=Mahen/emailAddress=mahendra.p at samsung.com
X509: Validity: notBefore: 1199275737 notAfter: 1230811737
X509: subject C=IN, ST=Karnataka, L=Bangalore, O=SAMSUNG, OU=SISO,
CN=Mahen/emailAddress=mahendra.p at samsung.com
X509: Extension: extnID=2.5.29.19 critical=0
X509: Extension: extnID=2.5.29.14 critical=0
X509: Extension: extnID=2.5.29.35 critical=0
ASN.1: Extended tag data: 0x04
X509: Extension: extnID=1.3.6.1.5.5.7.1.14 critical=255
X509: Unknown critical extension 1.3.6.1.5.5.7.1.14
TLSv1: tlsv1_client_add_cert_der - failed to parse certificate
TLSv1: Failed to parse PEM certificate after DER conversion
TLS: Failed to configure client certificate
TLS: Failed to set TLS connection parameters
EAP-TLS: Failed to initialize SSL.

Looking forward for your positive response ...

Regards,
Mahen




-----Original Message-----
From: Jouni Malinen [mailto:j at w1.fi] 
Sent: Friday, December 28, 2007 9:41 PM
To: Mahendra Prajapat
Cc: hostap at shmoo.com
Subject: Re: Internal TLS/crypto in wpa supplicant

On Thu, Dec 27, 2007 at 11:30:57AM +0530, Mahendra Prajapat wrote:

> I want to use Internal TLS/crypto in wpa supplicant to test EAP-TLS.
> As I  am getting following errors:
> 
> TLSv1: Failed to parse private key

> For testing purpose I require following certificates:
> Client-key.pem
> Client's private key password

The internal TLS/crypto code does not support private keys in PEM format
(must be DER) and neither does it support private key encryption, so the
passphrase here is not going to work either.

-- 
Jouni Malinen                                            PGP id EFC895FA




More information about the Hostap mailing list