Problem using ca_path to connect to a EAP-TLS network

Soh Kam Yung sohkamyung at gmail.com
Tue Dec 9 20:18:38 EST 2008


On Tue, Dec 9, 2008 at 11:25 PM, Dan Williams <dcbw at redhat.com> wrote:
>
> I'm pretty sure that OpenSSL doesn't support loading a PEM file with
> multiple CAs in it, thus if this is what you're trying to do, you'll
> only ever see the first certificate.  To load multiple CAs, you need to
> use PKCS12 certs or ca_path.  Not sure if this is your problem, but it
> might be.
>
> Dan
>

Dan,

My problem is ca_cert works, but not ca_path.

I'm not aware that wpa_supplicant/openssl can accept PKCS12 certs for
CAs.  The documentation in config_ssid.h for wpa_supplicant 0.5.11
says:

====
[...]
	 * ca_cert - File path to CA certificate file (PEM/DER)
	 *
[...]
	 * ca_path - Directory path for CA certificate files (PEM)
	 *
[...]
====

Regards,
Kam-Yung
-- 
Soh Kam Yung
my Google Reader Shared links:
(http://www.google.com/reader/shared/16851815156817689753)
my Google Reader Shared SFAS links:
(http://www.google.com/reader/shared/user/16851815156817689753/label/sfas)


More information about the HostAP mailing list