Connecting using wpa_supplicant to a WPA EAP-TLS network
Soh Kam Yung
sohkamyung
Fri Oct 17 03:03:27 PDT 2008
On Mon, Oct 13, 2008 at 11:35 PM, Jouni Malinen <j at w1.fi> wrote:
> On Mon, Oct 13, 2008 at 03:41:04PM +0800, Soh Kam Yung wrote:
> [...]
>> My MIS says that no identity is required. Does this mean I can leave
>> it out or should I configure it as identity=""?
>
> Some supplicants generate the identity string from the certificate, but
> if the network is indeed configured to not require any specific
> identity, yes, you could set it to "". Though, I would set it to
> something like "anonymous" etc. to make it distinct from some
> auto-probing software that uses an empty identity string to figure out
> what authentication mechanism should be used.
> [...]
Jouni,
I have checked with my MIS and there was a mis-communication: their
supplicant expects the identity string to be generated from the client
certificate.
Can this (generating the identity from the client certificate) be done
by wpa_supplicant, or do I still need to provide an explicit identity
field in the wpa_supplicant configuration?
Also, how do I check that my pkcs#12 file contains my identity? I
have tried to export all info from it into a .pem file to check but I
cannot locate any identity field.
Does this mean that my identity is missing from the pkcs#12 file?
Regards,
Kam-Yung
--
Soh Kam Yung
my Google Reader Shared links:
(http://www.google.com/reader/shared/16851815156817689753)
my Google Reader Shared SFAS links:
(http://www.google.com/reader/shared/user/16851815156817689753/label/sfas)
More information about the Hostap
mailing list