Cannot get hostapd radius to authenticate OSEN connection.

Jouni Malinen j at w1.fi
Fri Mar 20 16:13:34 EDT 2015


On Fri, Mar 20, 2015 at 10:24:56AM -0700, Ben Greear wrote:
> Then, after grubbing around in open-ssl document, I realized it was the OCSP
> logic that was failing.
> 
> I removed the 'ocsp=2' from the wpa_supplicant config file and then
> it connected!
> 
> I am wondering if OCSP is even supposed to work with self-signed certs?  Or maybe
> that warning/error about the client cert is a real issue?

Assuming you want to do this properly, OSEN is required to use OCSP and
in real deployments, the server certificate must be signed by one of the
golden trust roots selected for the Passpoint program.

-- 
Jouni Malinen                                            PGP id EFC895FA


More information about the HostAP mailing list