Internal TLS/crypto in wpa supplicant
Mahendra Prajapat
mahendra.p
Wed Jan 9 04:51:56 PST 2008
Dear Jouni,
Thanx a lot for your support whenever required.
EAP-TLS is successful using Internal TLS/crypto.
I have generated the test certificates using "OpenSSL" toolkit.
Based on your following suggestions,I was able to do successful EAP-TLS
1. Server as well as Client private keys should be in DER format and must be
unencrypted.
2. I have removed "ProxyCertInfo" from my openssl.cnf file.
Thanks a ton for your timely reply.
Regards,
Mahen
-----Original Message-----
From: hostap-bounces at lists.shmoo.com [mailto:hostap-bounces at lists.shmoo.com]
On Behalf Of Jouni Malinen
Sent: Wednesday, January 09, 2008 8:31 AM
To: hostap at shmoo.com
Subject: Re: Internal TLS/crypto in wpa supplicant
On Tue, Jan 08, 2008 at 10:17:31AM +0530, Mahendra Prajapat wrote:
> X509: issuer C=IN, ST=Karnataka, L=Bangalore, O=SAMSUNG, OU=SISO,
> CN=Mahen/emailAddress=mahendra.p at samsung.com
> X509: subject C=IN, ST=Karnataka, L=Bangalore, O=SAMSUNG, OU=SISO,
> CN=Mahen/emailAddress=mahendra.p at samsung.com
> X509: Extension: extnID=1.3.6.1.5.5.7.1.14 critical=255
How did you generate this certificate? It seems to be a proxy certificate
based on the extension, but the subject field does not seem to meet the
requirements for proxy certificates.. After reading some more about proxy
certificates, I'm not that sure I would even want to support these for
WPA/IEEE 802.1X authentication. Is there any particular reason for using
proxy certificates for whatever you are doing?
--
Jouni Malinen PGP id EFC895FA
_______________________________________________
HostAP mailing list
HostAP at lists.shmoo.com
http://lists.shmoo.com/mailman/listinfo/hostap
More information about the Hostap
mailing list