Trouble connecting to WPA PEAP TKIP network.

Jouni Malinen jkmaline at
Wed Dec 7 10:59:15 EST 2005

On Mon, Dec 05, 2005 at 01:07:13PM -0800, Kearney, Chris wrote:

> Hello folks, I am struggling with connecting to a wpa peap tkip network
> at my office. I have tried to be as verbose as possible with the
> following information.  Any ideas/suggestions would be most appreciated!

> -----------------
> We have a cert, I have saved it in /usr/share/ssl/certs/CollabSvcsCA.crt
> -rw-r--r--  1 root root 828 Dec  5 12:29
> /usr/share/ssl/certs/CollabSvcsCA.crt

I would assume that this is in DER format.

> OpenSSL: tls_connection_ca_cert - Failed to load root certificates
> error:00000000:lib(0):func(0):reason(0)
> TLS: Failed to set TLS connection parameters

And OpenSSL does not seem to want to load it. I would recommend trying
to convert the CA certificate into PEM format, e.g., with

openssl x509 -inform DER -in CollabSvcsCA.crt -outform PEM \
    -out CollabSvcsCa.pem

and then configuring wpa_supplicant to use this .pem file as ca_cert.

Jouni Malinen                                            PGP id EFC895FA

More information about the HostAP mailing list