wpa_supplicant using EAP-TTLS problem

王奕元 dadai.cm91 at gmail.com
Wed Nov 7 00:00:45 EST 2007


Oh,
I had installed OpenSSL on another computer but no this one.
Thanks for your advice.

Well,
Can I ask who to create ca.pem??
I'm very unfamiliar with this.

After I install OpenSSL,
I copy the my-ca.pem to /etc/certs/ca.pem  and implement wpa_supplicant
again,
but screen shows:

CTRL-EVENT-DISCONNECTED - Disconnect event - remove keys
Associated with 00:19:5b:ec:9a:70
CTRL-EVENT-EAP-STARTED EAP authentication started
CTRL-EVENT-EAP-METHOD EAP vendor 0 method 21 (TTLS) selected
TLS: Certificate verification failed, error 19 (self signed certificate in
certificate chain) depth 1 for '/C=CA/ST=Province/L=Some
City/0=Organization/OU=localhost/CN=Client
certificate/emailAddress=client at example.com'
SSL: SSL3 alert: write (local SSL3 detected an error):fatal:unknown CA
OpenSSL: tls_connection_handshake - SSL_connect error:14090086:SSL
routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
CTRL-EVENT-EAP-FAILURE EAP authentication failed


2007/11/7, Jouni Malinen <j at w1.fi>:
>
> On Wed, Nov 07, 2007 at 11:01:21AM +0800, ?????? wrote:
>
> > Following is my wpa_supplicant conf:
>
> >     ca_cert="/etc/cert/ca.pem"
>
> > OpenSSL?G tls_connection_ca_cert - Failed to load root certificates
> > error?G02001002?Gsystem library?Gfopen?GNo such file or directory
>
> Do you have /etc/cert/ca.pem file on that system?
>
> --
> Jouni Malinen                                            PGP id EFC895FA
> _______________________________________________
> HostAP mailing list
> HostAP at shmoo.com
> http://lists.shmoo.com/mailman/listinfo/hostap
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.shmoo.com/pipermail/hostap/attachments/20071107/104541a4/attachment.htm 


More information about the HostAP mailing list