Cannot get hostapd radius to authenticate OSEN connection.

Ben Greear greearb
Fri Mar 20 14:24:03 PDT 2015

On 03/20/2015 01:12 PM, Jouni Malinen wrote:
> On Fri, Mar 20, 2015 at 11:50:02AM -0700, Ben Greear wrote:
>> I was thinking that I would want two different sets of keys, one for OSEN
>> radius and one for the 'real' AP's radius so that I was more certain that
>> various HS20 logic is working properly and not just getting lucky due
>> to stale or mis-used keys & certs?
> You can certainly do that. Still, I would use the OSU server example to
> figure out what information needs to be included in the OSEN server
> certificate.

Ok, I started looking at hs20/server/ca/*

It is absolutely beyond comprehension :)

Anyway, my goal is to bring up everything I need on a single machine
so I can do isolated (as possible) testing and verification of HS20.

I guess I could start by making a new openssl.cnf that uses `hostname`
instead of the stuff, or does that actually matter?


Ben Greear <greearb at>
Candela Technologies Inc

More information about the Hostap mailing list