EAP-TLS connection problem

Jouni Malinen j
Tue Jul 8 17:38:39 PDT 2008


On Tue, Jul 08, 2008 at 08:32:09AM -0700, Dmitry Shmidt wrote:

> > I have ported wpa_supplicant 0.5.10 and I am trying to associate with
> > WPA-EAP-TLS.
> > And I am receiving next error. (full log is attached).

> > TLS: tls_verify_cb - preverify_ok=1 err=0 (ok) depth=1
> > buf='/DC=tw/DC=com/DC=sitdc1/CN=WLAN01'
> > TLS: Certificate verification failed, error 7 (certificate signature
> > failure) depth 0 for '/CN=wlan01.sitdc1.com.tw'

OpenSSL rejected the server certificate.

> > OpenSSL: tls_connection_handshake - SSL_connect error:0407006A:rsa
> > routines:RSA_padding_check_PKCS1_type_1:block type is not 01
> > OpenSSL: pending error: error:04067072:rsa
> > routines:RSA_EAY_PUBLIC_DECRYPT:padding check failed

The reason for rejection seems to be in incorrect RSA padding (PKCS#1)
in the TLS handshake. Which authentication server was used here?

-- 
Jouni Malinen                                            PGP id EFC895FA



More information about the Hostap mailing list