Regarding PEAP wpa_supplicant interoperability
jkmaline at cc.hut.fi
Mon Apr 4 22:07:32 EDT 2005
On Mon, Apr 04, 2005 at 12:46:31AM -0700, J I wrote:
> I tested without configuring the ca_cert in wpa_supplicant.cnf file , any how it successfully completed phase 1 and entered phase 2 authentication ( PEAP ), but after the APPLICATION DATA handshake it failed to proceed further. Is it the problem with IAS server configuration ? Can any one help me in this regard .
Please send debug log from wpa_supplicant showing this issue.
> In my case if i configure the server certificate in wpa_supplicant it is not identifying the issuer of the certificate, is this happening since IAS server i am using is in differant domain ?
What kind of certificate hierarchy are you using? Which certificate are
you configuring in wpa_supplicant and how (which configuration
variable)? If that "server certificate" is refering to the certificate
that IAS is using, it should not be configured in wpa_supplicant.conf.
ca_cert should be pointing to a CA certificate that signed the server
certificate or in case of more complex certificate hierarchy, a higher
level CA certificate could be better option.
Jouni Malinen PGP id EFC895FA
More information about the HostAP