EAP-TLS with certificate-chain

Faigl Zoltán zfaigl at mik.bme.hu
Mon Feb 18 15:52:57 EST 2008


Dear All!


I am new on this list.

I would like to test EAP-TLS based authentication over IKEv2 protocol. 
The IKEv2 implementation I use (see IKEv2 project) applies 
wpa_supplicant at the client-side, and freeRadius at the server side.

I would like to test three test cases:
1. Server has an n-tier certificate chain, client has a 2-tier 
certificate chain (2-tier means: the peer certificate is signed directly 
by the self-signed rootCA certificate)
2. Client has an n-tier certificate chain, server has a 2-tier 
certificate chain
3. Both the client and the server have multiple tier certificate chains.

Up to now I have found out how freeRadius can be configured with 
EAP-TLS to send out a certificate chain longer than 2-tier.
At the freeRadius side, I need to concatenate PEM format certificates in 
trust order -- from the server certificate up to the self-signed root-CA 
certificate -- and give this as the server certificate file in the EAP-TLS 
configuration options.

So the "server certificate file" in the 4-tier case is:
- server.pem
- subsubCA.pem
- subCA.pem
- rootCA.pem
concatenated

Moreover, in the Trusted CAs list option, I give rootCA.pem.

As a consequence, during authentication, the server sends out the entire 
4-tier certificate chain in the server Certificate handshake.
You can see this in my capture file (taken with wireshark), available at 
http://www.mcl.hu/~szlaj/trace1.cap (192.168.83.3 is freeRadius, 
192.168.81.3 is the Radius client).

I am currently testing the first test case, so I tried to give the 
following configuration for the wpa supplicant:

network={
        ssid=""
        key_mgmt=WPA-EAP
        pairwise=CCMP TKIP
        group=CCMP TKIP
        eap=TLS
        identity="leonardo"
        ca_cert="rootCA.pem"
        client_cert="client-1.pem"
        private_key="client.key"
        private_key_passwd="ikev2meas"
}

Here, client-1.crt is signed by rootCA; rootCA is the common CA of the 
client and the server.

The problem is the following:
When the client receives the first group of TLS handshake messages from 
the server, it says "unknown CA" for the server certificates and the 
authentication is unsuccessful (see the capture file).

So, I have the following questions.

1. How can I get the client side to accept the certificate chain of the 
server, if the common trusted CA is the rootCA?

2. Could you give the details of the configuration of wpa_supplicant: 
what certificate formats can I use? PEM, DER or PKCS12? I would prefer 
PEM, but I can also convert to other formats.

(The only thing I found on the mailing list just mentions the 
possibility of certificate chains: 
http://lists.shmoo.com/pipermail/hostap/2006-September/014389.html. That 
did not help me, so I am quite interested in suggestions.)

3. I would also like to get test cases 2 and 3 working. But how do I 
configure wpa_supplicant with an n-tier client certificate chain? In these 
cases, what do you think about the freeRadius side EAP-TLS configuration?

If there is any documentation or examples on n-tier certificate chains 
related to wpa_supplicant and freeradius, that would be very helpful 
for me.

Best regards,
Zoltán Faigl

PhD student
Mobile Innovation Center
Hungary
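The following is an added example, not part of the original post or of the wpa_supplicant/FreeRADIUS projects. It builds a throwaway 4-tier chain with the tier names used above (rootCA, subCA, subsubCA, server), concatenates it in the trust order the post describes for the FreeRADIUS server certificate file, and uses openssl to check that the leaf validates with rootCA.pem as the only trust anchor and the rest of the file as untrusted intermediates. The subject names, key sizes and one-day lifetimes are assumptions chosen for the test.

```shell
#!/bin/sh
# Added example: assumes openssl is installed; all files live in a temp dir.
set -e
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT
printf 'basicConstraints=critical,CA:TRUE\nkeyUsage=keyCertSign,cRLSign\n' > "$WORK/ca.ext"
printf 'basicConstraints=CA:FALSE\nextendedKeyUsage=serverAuth\n' > "$WORK/ee.ext"

# mkcert NAME ISSUER EXTFILE: issue NAME.pem; an empty ISSUER means self-signed
mkcert() {
    openssl req -new -newkey rsa:2048 -nodes -subj "/CN=$1" \
        -keyout "$WORK/$1.key" -out "$WORK/$1.csr" 2>/dev/null
    if [ -z "$2" ]; then
        openssl x509 -req -in "$WORK/$1.csr" -signkey "$WORK/$1.key" \
            -days 1 -extfile "$WORK/$3" -out "$WORK/$1.pem" 2>/dev/null
    else
        openssl x509 -req -in "$WORK/$1.csr" -CA "$WORK/$2.pem" \
            -CAkey "$WORK/$2.key" -CAcreateserial -days 1 \
            -extfile "$WORK/$3" -out "$WORK/$1.pem" 2>/dev/null
    fi
}

# Build rootCA -> subCA -> subsubCA -> server and write the concatenated
# file in trust order (end-entity first, self-signed root last).
build_chain() {
    mkcert rootCA "" ca.ext
    mkcert subCA rootCA ca.ext
    mkcert subsubCA subCA ca.ext
    mkcert server subsubCA ee.ext
    cat "$WORK/server.pem" "$WORK/subsubCA.pem" "$WORK/subCA.pem" \
        "$WORK/rootCA.pem" > "$WORK/server-chain.pem"
}

# verify_chain CHAINFILE CAFILE: succeeds only if the leaf chains to CAFILE,
# using CHAINFILE purely as untrusted intermediates (the role the certificates
# sent in the TLS Certificate message play on the verifying side).
verify_chain() {
    openssl verify -CAfile "$2" -untrusted "$1" "$WORK/server.pem" >/dev/null 2>&1
}

# verify_leaf_only CAFILE: same check without the intermediates; this is the
# situation a verifier is in when it only holds the root and the leaf.
verify_leaf_only() {
    openssl verify -CAfile "$1" "$WORK/server.pem" >/dev/null 2>&1
}
```

Run `build_chain` and then `verify_chain "$WORK/server-chain.pem" "$WORK/rootCA.pem"`; the leaf-only variant fails with an issuer lookup error, which shows why every intermediate must travel with the leaf when the peer trusts only the root.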