Problems with EAP-TTLS/EAP-TLS

Carolin Latze carolin.latze
Fri Oct 24 01:34:48 PDT 2008


Hi everybody,

I have a working configuration of wpa_supplicant for EAP-TLS that I want 
to change now to EAP-TTLS/EAP-TLS. My wpa_supplicant.conf looks as follows:

tpm_engine_path=/usr/local/lib/openssl/engines/libtpm.so

network={
        ssid="dd-wrt"
        scan_ssid=0
        mode=0
        proto=WPA
        key_mgmt=WPA-EAP
        pairwise=TKIP
        group=TKIP
        eap=TTLS
        identity="10.1.1.5"

        phase2="autheap=TLS"

        ca_cert2="/home/latze/cert/cacert.pem"
        client_cert2="/home/latze/impl/basisk-eap.pem"
        engine=1
        engine_id="tpm"
        key_id="3"
        pin="PIN"

}

If I execute wpa_supplicant with that config, I get:

OpenSSL: tls_connection_engine_private_key - Private key failed 
verification error:140A30B1:SSL routines:SSL_check_private_key:no 
certificate assigned

That has to be a problem with the wpa_supplicant.conf as it worked 
before with EAP-TLS with this conf:

network={
        ssid="dd-wrt"
        scan_ssid=0
        mode=0
        proto=WPA
        key_mgmt=WPA-EAP
        pairwise=TKIP
        group=TKIP
        eap=TLS
        identity="10.1.1.5"
        ca_cert="/home/latze/cert/cacert.pem"
        client_cert="/home/latze/impl/basisk-eap.pem"
        engine=1
        engine_id="tpm"
        key_id="3"
        pin="PIN"
}

Does anybody have any idea what's going wrong with EAP-TTLS/EAP-TLS in 
my case?

Thanks in advance!
Carolin



More information about the Hostap mailing list