Cannot get hostapd radius to authenticate OSEN connection.

Ben Greear greearb at candelatech.com
Fri Mar 20 17:24:03 EDT 2015


On 03/20/2015 01:12 PM, Jouni Malinen wrote:
> On Fri, Mar 20, 2015 at 11:50:02AM -0700, Ben Greear wrote:
>> I was thinking that I would want two different sets of keys, one for OSEN
>> radius and one for the 'real' AP's radius so that I was more certain that
>> various HS20 logic is working properly and not just getting lucky due
>> to stale or mis-used keys & certs?
> 
> You can certainly do that. Still, I would use the OSU server example to
> figure out what information needs to be included in the OSEN server
> certificate.

Ok, I started looking at hs20/server/ca/*

It is absolutely beyond comprehension :)

Anyway, my goal is to bring up everything I need on a single machine
so I can do isolated (as possible) testing and verification of HS20.

I guess I could start by making a new openssl.cnf that uses `hostname`
instead of the w1.fi stuff, or does that actually matter?

Thanks,
Ben

-- 
Ben Greear <greearb at candelatech.com>
Candela Technologies Inc  http://www.candelatech.com



More information about the HostAP mailing list