How to view WPA server's certificate?
j at w1.fi
Wed Nov 26 09:32:10 EST 2008
On Wed, Nov 26, 2008 at 01:47:26AM -0500, Matt McCutchen wrote:
> I am using wpa_supplicant via NetworkManager to connect to my
> university's WPA Enterprise wireless network. The wireless server
> certificate is signed by the ThawtePremiumServerCA, which I configured
> as the CA. I'd like to dump the server certificate to a file so I can
> inspect it. Is there an easy way to do this? If not, I might code one
> up to use myself and to offer to the project.
There is no such feature in wpa_supplicant, but it should be relatively
simple thing to add. The server certificate is available in
tls_verify_cb() in src/crypto/tls_openssl.c (assuming you are using
OpenSSL). wpa_supplicant is now just printing out the subject name of
the certification, but you could dump the full certificate (or a
fingerprint, etc.) here, too.
Jouni Malinen PGP id EFC895FA
More information about the HostAP