Multiple subject_match fields?

Curtis Larsen curtlarsen
Sun Mar 28 00:15:12 PDT 2010


I have noticed that when I use the subject_match field in my config with two
servers like this...

network={
        ssid="myssid"
        proto=WPA2
        key_mgmt=WPA-EAP
        pairwise=CCMP
        group=CCMP
        eap=PEAP
        identity="myusername"
        password="mypass"

ca_cert="/usr/share/ca-certificates/mozilla/Entrust.net_Secure_Server_CA.crt"
        subject_match="/C=US/ST=SOMESTATE/L=Some City/O=Some
Organization/OU=IT/CN=server1.domain.com"
        subject_match="/C=US/ST=SOMESTATE/L=Some City/O=Some
Organization/OU=IT/CN=server2.domain.com"
        phase2="auth=MSCHAPV2"
        priority=1
}

If the AP that I am connected to starts authenticating against
server2.domain.com, then I fail authentication because of a cert/hostname
mismatch.  Is there a way to specify multiple "subject_match" fields instead
of just one?

Thanks,

Curtis
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.shmoo.com/pipermail/hostap/attachments/20100328/5883b47f/attachment.htm 



More information about the Hostap mailing list