wpa supplicant interoperability with IAS server for EAP-TLS
jkmaline at cc.hut.fi
Tue Apr 19 22:58:30 EDT 2005
On Tue, Apr 19, 2005 at 05:14:15AM -0700, J I wrote:
> I am trying to authenticate wpa_supplicant with IAS server using TLS authentication , but after the client certificate is sent to the IAS server an alert message is received specifying "access denied".I followed the following steps :
> 1. I generated the client certificate using the certificate service in IAS server
What is the subject of the certificate? Does it match with the identity
you used in wpa_supplicant configuration ("test")?
> 3. Converted the certificate of .pfx format to .pem format using Openssl utility.
> 4. Then the obtained .pem ( both for certificate and private key file )format certificate , i configured it in wpa_supplicant , with the passphrase.
wpa_supplicant should be able to use .pfx files, so this conversion
should not be required (but is ok in the sense that it does not cause
> With the above mentioned steps the authentication process reached upto certificate handshake , as soon as Client certificate is sent to Authentication server ( IAS ) an alert message specifying "access denied" was received.
Do you have access to the IAS server? If yes, please look at the event
log for detailed report on why the access was denied.
Jouni Malinen PGP id EFC895FA
More information about the HostAP