<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<META NAME="Generator" CONTENT="MS Exchange Server version 6.5.7638.1">
<TITLE>EAP-TLS + internal crypto problem</TITLE>
</HEAD>
<BODY>
<!-- Converted from text/plain format -->
<P><FONT SIZE=2>Hi -<BR>
<BR>
I upgraded to the 0.7.x supplicant and elected to use the internal crypto, but my EAP-TLS configuration no longer works. Previously I used 0.5.10 + OpenSSL against a FreeRadius server and this worked well. The only difference now in the setup (STA, AP, FreeRadius, configuration files, etc) is the new supplicant built with CONFIG_TLS=internal. Is this a problem with internal crypto or maybe with my certs?<BR>
<BR>
[416] cat /nfsroot/ctuffli/target20/opt/wpa_supplicant.conf<BR>
ctrl_interface=/var/run/wpa_supplicant<BR>
update_config=1<BR>
<BR>
network={<BR>
ssid="linksys_WPS_1dwy"<BR>
<BR>
# 802.1X<BR>
key_mgmt=WPA-EAP<BR>
proto=RSN<BR>
eap=TLS<BR>
ca_cert="/certs/wifi_ca_cert.pem"<BR>
client_cert="/certs/client_keycert.pem"<BR>
private_key="/certs/client_keycert.pem"<BR>
private_key_passwd="whatever"<BR>
<BR>
identity="root"<BR>
}<BR>
<BR>
# /opt/bin/wpa_supplicant -v<BR>
wpa_supplicant v0.7.0<BR>
Copyright (c) 2003-2009, Jouni Malinen <j@w1.fi> and contributors<BR>
<BR>
# /opt/bin/wpa_cli<BR>
wpa_cli v0.7.0<BR>
Copyright (c) 2004-2009, Jouni Malinen <j@w1.fi> and contributors<BR>
<BR>
This program is free software. You can distribute it and/or modify it<BR>
under the terms of the GNU General Public License version 2.<BR>
<BR>
Alternatively, this software may be distributed under the terms of the<BR>
BSD license. See README and COPYING for more details.<BR>
<BR>
<BR>
Selected interface 'wifi0'<BR>
<BR>
Interactive mode<BR>
<BR>
> <2>CTRL-EVENT-SCAN-RESULTS<BR>
<2>WPS-AP-AVAILABLE<BR>
<2>Trying to associate with 00:22:6b:4f:de:00 (SSID='linksys_WPS_1dwy' freq=2462 MHz)<BR>
<2>CTRL-EVENT-DISCONNECTED - Disconnect event - remove keys<BR>
<2>Associated with 00:22:6b:4f:de:00<BR>
<2>CTRL-EVENT-EAP-STARTED EAP authentication started<BR>
<2>EAP: Failed to initialize EAP method: vendor 0 method 13 (TLS)<BR>
<2>CTRL-EVENT-EAP-STARTED EAP authentication started<BR>
<2>EAP: Failed to initialize EAP method: vendor 0 method 13 (TLS)<BR>
<2>Authentication with 00:22:6b:4f:de:00 timed out.<BR>
<2>CTRL-EVENT-DISCONNECTED - Disconnect event - remove keys<BR>
<2>CTRL-EVENT-SCAN-RESULTS<BR>
<2>WPS-AP-AVAILABLE<BR>
<BR>
</FONT>
</P>
<BR>
______________________________________________________________________<BR>
DSP Group, Inc. automatically scans all emails and attachments using MessageLabs Email Security System.<BR>
_____________________________________________________________________<BR>
</BODY>
</HTML>