EAP-TLS + internal crypto problem

Chuck Tuffli Chuck.Tuffli
Thu Jul 2 15:33:41 PDT 2009


Hi -

I upgraded to the 0.7.x supplicant and elected to use the internal crypto, but my EAP-TLS configuration no longer works. Previously I used 0.5.10 + OpenSSL against a FreeRadius server and this worked well. The only difference now in the setup (STA, AP, FreeRadius, configuration files, etc) is the new supplicant built with CONFIG_TLS=internal. Is this a problem with internal crypto or maybe with my certs?

[416] cat /nfsroot/ctuffli/target20/opt/wpa_supplicant.conf
ctrl_interface=/var/run/wpa_supplicant
update_config=1

network={
        ssid="linksys_WPS_1dwy"

        # 802.1X
        key_mgmt=WPA-EAP
        proto=RSN
        eap=TLS
        ca_cert="/certs/wifi_ca_cert.pem"
        client_cert="/certs/client_keycert.pem"
        private_key="/certs/client_keycert.pem"
        private_key_passwd="whatever"

        identity="root"
}

# /opt/bin/wpa_supplicant -v
wpa_supplicant v0.7.0
Copyright (c) 2003-2009, Jouni Malinen <j at w1.fi> and contributors

# /opt/bin/wpa_cli
wpa_cli v0.7.0
Copyright (c) 2004-2009, Jouni Malinen <j at w1.fi> and contributors

This program is free software. You can distribute it and/or modify it
under the terms of the GNU General Public License version 2.

Alternatively, this software may be distributed under the terms of the
BSD license. See README and COPYING for more details.


Selected interface 'wifi0'

Interactive mode

> <2>CTRL-EVENT-SCAN-RESULTS
<2>WPS-AP-AVAILABLE
<2>Trying to associate with 00:22:6b:4f:de:00 (SSID='linksys_WPS_1dwy' freq=2462 MHz)
<2>CTRL-EVENT-DISCONNECTED - Disconnect event - remove keys
<2>Associated with 00:22:6b:4f:de:00
<2>CTRL-EVENT-EAP-STARTED EAP authentication started
<2>EAP: Failed to initialize EAP method: vendor 0 method 13 (TLS)
<2>CTRL-EVENT-EAP-STARTED EAP authentication started
<2>EAP: Failed to initialize EAP method: vendor 0 method 13 (TLS)
<2>Authentication with 00:22:6b:4f:de:00 timed out.
<2>CTRL-EVENT-DISCONNECTED - Disconnect event - remove keys
<2>CTRL-EVENT-SCAN-RESULTS
<2>WPS-AP-AVAILABLE


______________________________________________________________________
DSP Group, Inc. automatically scans all emails and attachments using MessageLabs Email Security System.
_____________________________________________________________________
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.shmoo.com/pipermail/hostap/attachments/20090703/dd6a9592/attachment.htm 



More information about the Hostap mailing list