dumping access point certificate from wpa_supplicant
sam at samason.uk
Fri Oct 22 02:23:25 PDT 2021
On Fri, 15 Oct 2021 at 22:15, Jouni Malinen <j at w1.fi> wrote:
> On Wed, Oct 06, 2021 at 11:31:50PM +0100, Sam Mason wrote:
> > I was hoping that validating the certificate might help
> > prevent PITM attacks, but I'm not even sure if that makes sense for
> > this protocol.
> wpa_supplicant sends out CTRL-EVENT-EAP-PEER-CERT events as control
> interface events during EAP authentication that uses TLS. Those message
> include a SHA256 hash of the certificate and full hexdump of the raw DER
> encoded certificate.
Thanks for that; my last session has finally timed out so I've used
> > Google pointed me to https://superuser.com/a/853602/171763
I've added your response as an answer to the stackexchange question,
hopefully it points some other people in the right direction as well.
More information about the Hostap