wpa supplicant interoperability with IAS server for EAP-TLS

Jouni Malinen jkmaline
Tue Apr 19 19:58:30 PDT 2005


On Tue, Apr 19, 2005 at 05:14:15AM -0700, J I wrote:

> I am trying to authenticate wpa_supplicant with IAS server using TLS  authentication , but after the client certificate is sent to the IAS  server an alert message is received specifying "access denied".I followed the following steps :
>  
> 1. I generated the client certificate using the certificate service in IAS server 

What is the subject of the certificate? Does it match with the identity
you used in wpa_supplicant configuration ("test")?

> 3. Converted the certificate of .pfx format to .pem format using Openssl utility.
> 4. Then the obtained .pem ( both for certificate and private key file )format certificate , i configured it in wpa_supplicant , with the passphrase.

wpa_supplicant should be able to use .pfx files, so this conversion
should not be required (but is ok in the sense that it does not cause
problems, either).

>            With the above mentioned steps the authentication process reached upto certificate handshake , as soon as Client certificate is sent to Authentication server ( IAS ) an alert message specifying "access denied" was received. 

Do you have access to the IAS server? If yes, please look at the event
log for detailed report on why the access was denied.

-- 
Jouni Malinen                                            PGP id EFC895FA




More information about the Hostap mailing list