How to view WPA server's certificate?

Jouni Malinen j
Wed Nov 26 06:32:10 PST 2008

On Wed, Nov 26, 2008 at 01:47:26AM -0500, Matt McCutchen wrote:

> I am using wpa_supplicant via NetworkManager to connect to my
> university's WPA Enterprise wireless network.  The wireless server
> certificate is signed by the ThawtePremiumServerCA, which I configured
> as the CA.  I'd like to dump the server certificate to a file so I can
> inspect it.  Is there an easy way to do this?  If not, I might code one
> up to use myself and to offer to the project.

There is no such feature in wpa_supplicant, but it should be relatively
simple thing to add. The server certificate is available in
tls_verify_cb() in src/crypto/tls_openssl.c (assuming you are using
OpenSSL). wpa_supplicant is now just printing out the subject name of
the certification, but you could dump the full certificate (or a
fingerprint, etc.) here, too.

Jouni Malinen                                            PGP id EFC895FA

More information about the Hostap mailing list