Problems with EAP-TTLS/EAP-TLS
Carolin Latze
carolin.latze
Fri Oct 24 05:36:19 PDT 2008
Sjors Gielen wrote:
> Carolin Latze wrote:
>
>> That gives more or less the same error. But I think that cannot be the
>> solution anyway since EAP-TTLS should not require client authentication
>> from what I know about EAP-TTLS, but I might be wrong. But I also think
>> the problem lies in the order of the statements.
>>
>> I have another more general question: Does the EAP-TTLS module call the
>> EAP-TLS module? I mean it seems, that it works like that since I see my
>> old debug messages but is that really correct?
>>
>
> Oops, missed this. According to this line in your wpa_supplicant.conf:
> phase2="autheap=TLS"
> It does ;) Change that to
> phase2="autheap=MD5"
> or
> phase2="autheap=MSCHAPV2"
> (or something similar) and it will probably work :)
>
Tried that and still get
OpenSSL: tls_connection_engine_private_key - Private key failed
verification error:140A30B1:SSL routines:SSL_check_private_key:no
certificate assigned
:) But anyway, I really would like to have EAP-TTLS/EAP-TLS, which means
to have mutual authentication inside a tunnel established with server
authentication. Do you think that is possible?
Regards and Thanks for all those hints!
Carolin
--
Carolin Latze
Research Assistant
Department of Computer Science
Boulevard de P?rolles 90
CH-1700 Fribourg
phone: +41 26 300 83 30
homepage: http://diuf.unifr.ch/people/latzec
More information about the Hostap
mailing list