How to view WPA server's certificate?

Matt McCutchen matt at mattmccutchen.net
Wed Nov 26 01:47:26 EST 2008


Dear HostAP/wpa_supplicant people,

I am using wpa_supplicant via NetworkManager to connect to my
university's WPA Enterprise wireless network.  The wireless server
certificate is signed by the ThawtePremiumServerCA, which I configured
as the CA.  I'd like to dump the server certificate to a file so I can
inspect it.  Is there an easy way to do this?  If not, I might code one
up to use myself and to offer to the project.

Motivation: My friend connected his iPhone to the same network, and
since the iPhone did not have the CA certificate, it showed him the
server certificate and asked him whether to accept.  If I could dump the
server certificate on my computer and manually verify it against the CA,
then I could tell him the fingerprint and he could check it against the
iPhone's prompt to make sure he is connecting to the right network.
(Most users probably wouldn't bother with such a security check, but as
a security-conscious user, I think it should be possible to perform.)

Thanks,
Matt



More information about the HostAP mailing list