working example of wpa_supplicant to hostapd setup thatauthenticates using WPA-EAP with EAP-TLS ???

John Lumby johnlumby at hotmail.com
Tue Oct 27 22:07:36 EDT 2009


On Tue, 27 Oct 2009 Chuck wrote:

> On Mon 10/26/2009 6:45 PM, John Lumby wrote:
> > I have been trying to establish a wireless connection between two
> > laptops each running linux kernel 2.6.28 :
> ...
> > Could anyone please show me a working example of a pair of hostapd /
> > wpa_supplicant setup including wpa_supplicant.conf that authenticates to
> > the hostapd using WPA-EAP with EAP-TLS (or if impossible as per previous
> > paragraph - EAP-other ), and if possible answer my questions 1-3?   I
> > would be very grateful ...
> 
> I don't have a hostapd.conf for you to see (we use an off-the-shelf AP),
> but the following is what I use for EAP-TLS testing on the STA side
> 
> ...

I omitted to say I am using hostapd's built-in mini-eap-server

> 
> The part that tripped me up the most was creating the certificates. There
> seem to be a large number of different ways to do this, but the one that
> worked for me was a script called certhelper.py from the Fedora project.
>

I downloaded certhelper.py from
 http://cvs.fedora.redhat.com/viewcvs/extras-buildsys/utils/certhelper.py?root=fedora&rev=1.5&view=markup
based on this append :
 http://lists.shmoo.com/pipermail/hostap/2007-November/016508.html

> 
> The directions I wrote up for QA look something like:
> 
> # ./certhelper.py ca --outdir=/etc/freeradius/certs --name=wifi
> # ./certhelper.py normal --outdir=/etc/freeradius/certs --name=server --cadir=/etc/freeradius/certs --caname=wifi
> # mv /etc/freeradius/certs/server_key{_and_,}cert.pem
> # ./certhelper.py normal --outdir=/etc/freeradius/certs --name=client --cadir=/etc/freeradius/certs --caname=wifi
> # mv /etc/freeradius/certs/client_key{_and_,}cert.pem
> 
> HTH
> 
> ---chuck
> 
Chuck  --  Thanks a million  -  yes,  that worked!   I knew it had to be something like that.

Jouni   - I think it could help others greatly if you could add a mention of certhelper.py to the README

John

 		 	   		  
_________________________________________________________________
Ready for a deal-of-a-lifetime? See fantastic offers on Windows 7, in one convenient place.
http://go.microsoft.com/?linkid=9691634
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.shmoo.com/pipermail/hostap/attachments/20091027/7dd9b9dd/attachment.htm 


More information about the HostAP mailing list