Can't get WPA3 to work...

Alan DeKok aland at
Sat May 20 06:11:38 PDT 2023

On May 19, 2023, at 5:23 PM, Robert Senger <robert.senger at> wrote:
> The "WPA 3 Specification Version 3.0" Document from Wi-Fi Alliance
> says: "A WPA3 STA shall perform server certificate validation when
> using EAP-TTLS, EAP-TLS, EAP-PEAPv0 or EAP-PEAPv1 EAP methods."
> So, at least these methods seem to be allowed by the specs.


  In practice, if an EAP method provides encryption keys, then it should work.  i.e. EAP-PWD.  Even TLS-PSK should work.

  This standard is for supplicants, and suggests how they should behave.  It doesn't affect the function of 802.1X, which is defined by the IEEE.

> Nevertheless, iPhone fails after entering username/password (it's
> always a pain to connect iOS devices to enterprise networks), Windows
> 11 only offers Smartcard or EAP-TLS (had no luck with that so far,
> despite client certificate installed).

  Debugging EAP issues is no fun.

  Alan DeKok.

More information about the Hostap mailing list