wpa not working with server ca

Rocci rocci at rocknetworks.net.au
Sat May 7 03:10:54 EDT 2005


Thanks Heaps Simon,
That worked for me.
However, that variable should be include_tls_length=1, and not 
includes_tls_length=1.
I think Jouni had accidentally mispelled that variable in his posted 
reply to your original post regarding this problem.
You might want to change the spelling in your config and try again.

I wonder why I didn't need include_tls_length=1 until now. Perhaps IT 
services changed something on their wifi network.
Anyway, it works and I'm back on the UOW WiFi network using WPA.

For those that may find it useful, here is my wpa_supplicant config:

eapol_version=1
ap_scan=1
fast_reauth=1

network={
        ssid="ACHERNAR-BG"
        key_mgmt=WPA-EAP
        eap=PEAP
        pairwise=TKIP
        group=TKIP
        identity="myusername"
        password="mypassword"
        ca_cert="/etc/ssl/certs/Thawte_Server_CA.pem"
        phase1="peaplabel=0 include_tls_length=1"
        phase2="auth=MSCHAPV2"
        priority=1
}

Hope this helps others as it did me.
- Rocci.


Simon Males wrote:

>
> Rocci wrote:
>
>> Hi there,
>> I once had this working on my university network but it no longer works.
>> I have since upgraded my kernel and other aspects of my OS.
>> Recompiled madwifi & wpa_supplicant on new linux kernel.
>> WPA-PSK works fine on my PSK network at home but I can no longer get 
>> this to work on my university network.
>
>
> Rocci,
>
>     Bugger, I never got the chance to connect (been struggling since 
> start of semester), its not looking good if even you cannot connect! I 
> posted a -d output a little while ago, Jouni asked me to pump out -dd 
> output. Jouni did recommend to add includes_tls_length=1 to phase1, 
> although my conf is a little different.
>
> Initial thread:
> http://lists.shmoo.com/pipermail/hostap/2005-April/010030.html
>
> I let it run for a little while and don't want to paste the whole 
> output to the list.
>
> http://anticd.org/~sime/wifi/wpa_error-dd.txt
>
> wpa_supplicant.conf:
> network={
>        ssid="ACHERNAR-BG"
>        key_mgmt=WPA-EAP
>        eap=PEAP
>        pairwise=TKIP
>        group=TKIP
>        identity="***"
>        password="***"
>        ca_cert="/home/sime/Downloads/wifi/thawte/ThawteServerCA.pem"
>        phase1="peaplabel=0 includes_tls_length=1"
>        phase2="auth=MSCHAPV2"
>        priority=10
> }
>
>



More information about the HostAP mailing list