wpa_supplicant doesn't connect using IEEE8021X
Clash Royale CLAN TAG#URR8PPP
I'm working on a Raspberry Pi 3B+ and I'm trying to connect to a WPA-EAP network. I managed to successfully connected using PEAP with the following configuration:
network=
ssid="whatever"
scan_ssid=1
key_mgmt=WPA-EAP
eap=PEAP
identity="whatever2"
password="whatever3"
phase2="auth=MSCHAPV2"
I monitored the FreeRadius log and no problem, connection established with Internet access using the following command:
$ sudo wpa_supplicant -iwlan0 -cpeap.conf
Then I tried to connect using IEEE8021X with certificates and I'm using the following configuration:
eapol_version=1
network=
ssid="whatever"
scan_ssid=1
key_mgmt=IEEE8021X
eap=TLS
identity="whatever2"
client_cert="DEVICE1_cert.pem"
private_key="DEVICE1_key.pem"
private_key_passwd="whatever3"
With this configuration I'm not even getting a request on my radius server (no change to the logs whatsoever). I'm getting the following errors also in the terminal:
$ sudo wpa_supplicant -iwlan0 -c8021.conf
successfully initialized wpa_supplicant
wlan0: Trying to associate with XX:XX:XX:XX:XX:XX (SSID="***" freq=2442 MHz)
wlan0: CTRL-EVENT-ASSOC-REJECT bssid=00:00:00:00:00:00 status_code=16
wpa-supplicant
edited Jan 29 at 18:57
Rui F Ribeiro
40.3k1479137
asked Jan 29 at 18:31
Kennet CelesteKennet Celeste
992
add a comment |
I'm working on a Raspberry Pi 3B+ and I'm trying to connect to a WPA-EAP network. I managed to successfully connected using PEAP with the following configuration:
network=
ssid="whatever"
scan_ssid=1
key_mgmt=WPA-EAP
eap=PEAP
identity="whatever2"
password="whatever3"
phase2="auth=MSCHAPV2"
I monitored the FreeRadius log and no problem, connection established with Internet access using the following command:
$ sudo wpa_supplicant -iwlan0 -cpeap.conf
Then I tried to connect using IEEE8021X with certificates and I'm using the following configuration:
eapol_version=1
network=
ssid="whatever"
scan_ssid=1
key_mgmt=IEEE8021X
eap=TLS
identity="whatever2"
client_cert="DEVICE1_cert.pem"
private_key="DEVICE1_key.pem"
private_key_passwd="whatever3"
With this configuration I'm not even getting a request on my radius server (no change to the logs whatsoever). I'm getting the following errors also in the terminal:
$ sudo wpa_supplicant -iwlan0 -c8021.conf
successfully initialized wpa_supplicant
wlan0: Trying to associate with XX:XX:XX:XX:XX:XX (SSID="***" freq=2442 MHz)
wlan0: CTRL-EVENT-ASSOC-REJECT bssid=00:00:00:00:00:00 status_code=16
wpa-supplicant
edited Jan 29 at 18:57
Rui F Ribeiro
40.3k1479137
asked Jan 29 at 18:31
Kennet CelesteKennet Celeste
992
We are not able to understand what is happening if you do not edit the question and detail the certificates configuration/how they were created both in the FR server and the client side.
– Rui F Ribeiro
Jan 29 at 18:58
@RuiFRibeiro I understand , however the freeradius does not even get any packet from the client. How can this be certificate problem?
– Kennet Celeste
Jan 29 at 20:59
If somewhat the certificates/server is not trusted by the client/OS, it wont send anything. The certificates are there to establish a relation of trust, which obviously has some loose end.
– Rui F Ribeiro
Jan 29 at 21:00
1
@RuiFRibeiro I'm using two self signed certificates. I don't know how to detail the certificates configuration/how they were created both in the FR server and the client side ? what exactly do you need to know about certificates so that I can add it to the question? e.g. the commands that I use to create certificate ?
– Kennet Celeste
Jan 30 at 14:27
add a comment |
I'm working on a Raspberry Pi 3B+ and I'm trying to connect to a WPA-EAP network. I managed to successfully connected using PEAP with the following configuration:
network=
ssid="whatever"
scan_ssid=1
key_mgmt=WPA-EAP
eap=PEAP
identity="whatever2"
password="whatever3"
phase2="auth=MSCHAPV2"
I monitored the FreeRadius log and no problem, connection established with Internet access using the following command:
$ sudo wpa_supplicant -iwlan0 -cpeap.conf
Then I tried to connect using IEEE8021X with certificates and I'm using the following configuration:
eapol_version=1
network=
ssid="whatever"
scan_ssid=1
key_mgmt=IEEE8021X
eap=TLS
identity="whatever2"
client_cert="DEVICE1_cert.pem"
private_key="DEVICE1_key.pem"
private_key_passwd="whatever3"
With this configuration I'm not even getting a request on my radius server (no change to the logs whatsoever). I'm getting the following errors also in the terminal:
$ sudo wpa_supplicant -iwlan0 -c8021.conf
successfully initialized wpa_supplicant
wlan0: Trying to associate with XX:XX:XX:XX:XX:XX (SSID="***" freq=2442 MHz)
wlan0: CTRL-EVENT-ASSOC-REJECT bssid=00:00:00:00:00:00 status_code=16
wpa-supplicant
edited Jan 29 at 18:57
Rui F Ribeiro
40.3k1479137
asked Jan 29 at 18:31
Kennet CelesteKennet Celeste
992
I'm working on a Raspberry Pi 3B+ and I'm trying to connect to a WPA-EAP network. I managed to successfully connected using PEAP with the following configuration:
network=
ssid="whatever"
scan_ssid=1
key_mgmt=WPA-EAP
eap=PEAP
identity="whatever2"
password="whatever3"
phase2="auth=MSCHAPV2"
I monitored the FreeRadius log and no problem, connection established with Internet access using the following command:
$ sudo wpa_supplicant -iwlan0 -cpeap.conf
Then I tried to connect using IEEE8021X with certificates and I'm using the following configuration:
eapol_version=1
network=
ssid="whatever"
scan_ssid=1
key_mgmt=IEEE8021X
eap=TLS
identity="whatever2"
client_cert="DEVICE1_cert.pem"
private_key="DEVICE1_key.pem"
private_key_passwd="whatever3"
With this configuration I'm not even getting a request on my radius server (no change to the logs whatsoever). I'm getting the following errors also in the terminal:
$ sudo wpa_supplicant -iwlan0 -c8021.conf
successfully initialized wpa_supplicant
wlan0: Trying to associate with XX:XX:XX:XX:XX:XX (SSID="***" freq=2442 MHz)
wlan0: CTRL-EVENT-ASSOC-REJECT bssid=00:00:00:00:00:00 status_code=16
wpa-supplicant
wpa-supplicant
edited Jan 29 at 18:57
Rui F Ribeiro
40.3k1479137
asked Jan 29 at 18:31
Kennet CelesteKennet Celeste
992
edited Jan 29 at 18:57
Rui F Ribeiro
40.3k1479137
asked Jan 29 at 18:31
Kennet CelesteKennet Celeste
992
edited Jan 29 at 18:57
Rui F Ribeiro
40.3k1479137
edited Jan 29 at 18:57
Rui F Ribeiro
40.3k1479137
edited Jan 29 at 18:57
Rui F Ribeiro
40.3k1479137
40.3k1479137
asked Jan 29 at 18:31
Kennet CelesteKennet Celeste
992
asked Jan 29 at 18:31
Kennet CelesteKennet Celeste
992
asked Jan 29 at 18:31
Kennet CelesteKennet Celeste
992
992
We are not able to understand what is happening if you do not edit the question and detail the certificates configuration/how they were created both in the FR server and the client side.
– Rui F Ribeiro
Jan 29 at 18:58
@RuiFRibeiro I understand , however the freeradius does not even get any packet from the client. How can this be certificate problem?
– Kennet Celeste
Jan 29 at 20:59
If somewhat the certificates/server is not trusted by the client/OS, it wont send anything. The certificates are there to establish a relation of trust, which obviously has some loose end.
– Rui F Ribeiro
Jan 29 at 21:00
1
@RuiFRibeiro I'm using two self signed certificates. I don't know how to detail the certificates configuration/how they were created both in the FR server and the client side ? what exactly do you need to know about certificates so that I can add it to the question? e.g. the commands that I use to create certificate ?
– Kennet Celeste
Jan 30 at 14:27
add a comment |
We are not able to understand what is happening if you do not edit the question and detail the certificates configuration/how they were created both in the FR server and the client side.
– Rui F Ribeiro
Jan 29 at 18:58
@RuiFRibeiro I understand , however the freeradius does not even get any packet from the client. How can this be certificate problem?
– Kennet Celeste
Jan 29 at 20:59
If somewhat the certificates/server is not trusted by the client/OS, it wont send anything. The certificates are there to establish a relation of trust, which obviously has some loose end.
– Rui F Ribeiro
Jan 29 at 21:00
1
@RuiFRibeiro I'm using two self signed certificates. I don't know how to detail the certificates configuration/how they were created both in the FR server and the client side ? what exactly do you need to know about certificates so that I can add it to the question? e.g. the commands that I use to create certificate ?
– Kennet Celeste
Jan 30 at 14:27
We are not able to understand what is happening if you do not edit the question and detail the certificates configuration/how they were created both in the FR server and the client side.
– Rui F Ribeiro
Jan 29 at 18:58
We are not able to understand what is happening if you do not edit the question and detail the certificates configuration/how they were created both in the FR server and the client side.
– Rui F Ribeiro
Jan 29 at 18:58
@RuiFRibeiro I understand , however the freeradius does not even get any packet from the client. How can this be certificate problem?
– Kennet Celeste
Jan 29 at 20:59
@RuiFRibeiro I understand , however the freeradius does not even get any packet from the client. How can this be certificate problem?
– Kennet Celeste
Jan 29 at 20:59
If somewhat the certificates/server is not trusted by the client/OS, it wont send anything. The certificates are there to establish a relation of trust, which obviously has some loose end.
– Rui F Ribeiro
Jan 29 at 21:00
If somewhat the certificates/server is not trusted by the client/OS, it wont send anything. The certificates are there to establish a relation of trust, which obviously has some loose end.
– Rui F Ribeiro
Jan 29 at 21:00
1
1
@RuiFRibeiro I'm using two self signed certificates. I don't know how to detail the certificates configuration/how they were created both in the FR server and the client side ? what exactly do you need to know about certificates so that I can add it to the question? e.g. the commands that I use to create certificate ?
– Kennet Celeste
Jan 30 at 14:27
@RuiFRibeiro I'm using two self signed certificates. I don't know how to detail the certificates configuration/how they were created both in the FR server and the client side ? what exactly do you need to know about certificates so that I can add it to the question? e.g. the commands that I use to create certificate ?
– Kennet Celeste
Jan 30 at 14:27
add a comment |
1 Answer
1
active
oldest
votes
I would check to make sure their is no firewall interfering with the communication to the server for TLS on RADIUS. The port is TCP/2083 referenced from here: https://tools.ietf.org/html/rfc6614 . If you have outbound rules on the client these matter as well.
This, wlan0: CTRL-EVENT-ASSOC-REJECT bssid=00:00:00:00:00:00 status_code=16, being on the client. Means that your client has timed out waiting for a frame that never shows up. So the server/AP is either not sending the frame after hearing the request or it never received the request for it.
Does this help:
EAP-TLS
EAP-TLS uses the TLS public key certificate authentication mechanism within EAP to provide mutual authentication of client to server and server to client. With EAP-TLS, both the client and the server must be assigned a digital certificate signed by a Certificate Authority (CA) that they both trust.
Found here: https://www.interlinknetworks.com/app_notes/eap-peap.htm
answered Jan 29 at 23:27
Michael ProkopecMichael Prokopec
1,490218
I'm pretty sure it's not a Firewall issue since WPA-EAP with PEAP works fine with the same exact configuration on the same devices. About the second part of your commentMeans that your client has timed out waiting for a frame that never shows up.: Does this mean that the freeradius server actually should show some request in the log ?
– Kennet Celeste
Jan 30 at 4:06
Yes, it most certainly does mean that it should, but as you say it hasn't. That means that the attempted communication is either being dropped, lost or corrupted in route hence my firewall theory.
– Michael Prokopec
Jan 30 at 5:44
EAP-TLS uses the same ports as PEAP. 2083 is used by RADsec, which is something else. Nonetheless, the OP seems more interested in counter-debating what is being said and asked than improving its question to get to the bottom of it. I have had enough of it.
– Rui F Ribeiro
Jan 30 at 7:45
1
@RuiFRibeiro I'm using two self signed certificates. I don't know how todetail the certificates configuration/how they were created both in the FR server and the client side? what exactly do you need to know about certificates so that I can add it to the question? e.g. the commands that I use to create certificate ?
– Kennet Celeste
Jan 30 at 14:23
add a comment |
Your Answer
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "106"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f497522%2fwpa-supplicant-doesnt-connect-using-ieee8021x%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
I would check to make sure their is no firewall interfering with the communication to the server for TLS on RADIUS. The port is TCP/2083 referenced from here: https://tools.ietf.org/html/rfc6614 . If you have outbound rules on the client these matter as well.
This, wlan0: CTRL-EVENT-ASSOC-REJECT bssid=00:00:00:00:00:00 status_code=16, being on the client. Means that your client has timed out waiting for a frame that never shows up. So the server/AP is either not sending the frame after hearing the request or it never received the request for it.
Does this help:
EAP-TLS
EAP-TLS uses the TLS public key certificate authentication mechanism within EAP to provide mutual authentication of client to server and server to client. With EAP-TLS, both the client and the server must be assigned a digital certificate signed by a Certificate Authority (CA) that they both trust.
Found here: https://www.interlinknetworks.com/app_notes/eap-peap.htm
answered Jan 29 at 23:27
Michael ProkopecMichael Prokopec
1,490218
I'm pretty sure it's not a Firewall issue since WPA-EAP with PEAP works fine with the same exact configuration on the same devices. About the second part of your commentMeans that your client has timed out waiting for a frame that never shows up.: Does this mean that the freeradius server actually should show some request in the log ?
– Kennet Celeste
Jan 30 at 4:06
Yes, it most certainly does mean that it should, but as you say it hasn't. That means that the attempted communication is either being dropped, lost or corrupted in route hence my firewall theory.
– Michael Prokopec
Jan 30 at 5:44
EAP-TLS uses the same ports as PEAP. 2083 is used by RADsec, which is something else. Nonetheless, the OP seems more interested in counter-debating what is being said and asked than improving its question to get to the bottom of it. I have had enough of it.
– Rui F Ribeiro
Jan 30 at 7:45
1
@RuiFRibeiro I'm using two self signed certificates. I don't know how todetail the certificates configuration/how they were created both in the FR server and the client side? what exactly do you need to know about certificates so that I can add it to the question? e.g. the commands that I use to create certificate ?
– Kennet Celeste
Jan 30 at 14:23
add a comment |
I would check to make sure their is no firewall interfering with the communication to the server for TLS on RADIUS. The port is TCP/2083 referenced from here: https://tools.ietf.org/html/rfc6614 . If you have outbound rules on the client these matter as well.
This, wlan0: CTRL-EVENT-ASSOC-REJECT bssid=00:00:00:00:00:00 status_code=16, being on the client. Means that your client has timed out waiting for a frame that never shows up. So the server/AP is either not sending the frame after hearing the request or it never received the request for it.
Does this help:
EAP-TLS
EAP-TLS uses the TLS public key certificate authentication mechanism within EAP to provide mutual authentication of client to server and server to client. With EAP-TLS, both the client and the server must be assigned a digital certificate signed by a Certificate Authority (CA) that they both trust.
Found here: https://www.interlinknetworks.com/app_notes/eap-peap.htm
answered Jan 29 at 23:27
Michael ProkopecMichael Prokopec
1,490218
I'm pretty sure it's not a Firewall issue since WPA-EAP with PEAP works fine with the same exact configuration on the same devices. About the second part of your commentMeans that your client has timed out waiting for a frame that never shows up.: Does this mean that the freeradius server actually should show some request in the log ?
– Kennet Celeste
Jan 30 at 4:06
Yes, it most certainly does mean that it should, but as you say it hasn't. That means that the attempted communication is either being dropped, lost or corrupted in route hence my firewall theory.
– Michael Prokopec
Jan 30 at 5:44
EAP-TLS uses the same ports as PEAP. 2083 is used by RADsec, which is something else. Nonetheless, the OP seems more interested in counter-debating what is being said and asked than improving its question to get to the bottom of it. I have had enough of it.
– Rui F Ribeiro
Jan 30 at 7:45
1
@RuiFRibeiro I'm using two self signed certificates. I don't know how todetail the certificates configuration/how they were created both in the FR server and the client side? what exactly do you need to know about certificates so that I can add it to the question? e.g. the commands that I use to create certificate ?
– Kennet Celeste
Jan 30 at 14:23
add a comment |
I would check to make sure their is no firewall interfering with the communication to the server for TLS on RADIUS. The port is TCP/2083 referenced from here: https://tools.ietf.org/html/rfc6614 . If you have outbound rules on the client these matter as well.
This, wlan0: CTRL-EVENT-ASSOC-REJECT bssid=00:00:00:00:00:00 status_code=16, being on the client. Means that your client has timed out waiting for a frame that never shows up. So the server/AP is either not sending the frame after hearing the request or it never received the request for it.
Does this help:
EAP-TLS
EAP-TLS uses the TLS public key certificate authentication mechanism within EAP to provide mutual authentication of client to server and server to client. With EAP-TLS, both the client and the server must be assigned a digital certificate signed by a Certificate Authority (CA) that they both trust.
Found here: https://www.interlinknetworks.com/app_notes/eap-peap.htm
answered Jan 29 at 23:27
Michael ProkopecMichael Prokopec
1,490218
I would check to make sure their is no firewall interfering with the communication to the server for TLS on RADIUS. The port is TCP/2083 referenced from here: https://tools.ietf.org/html/rfc6614 . If you have outbound rules on the client these matter as well.
This, wlan0: CTRL-EVENT-ASSOC-REJECT bssid=00:00:00:00:00:00 status_code=16, being on the client. Means that your client has timed out waiting for a frame that never shows up. So the server/AP is either not sending the frame after hearing the request or it never received the request for it.
Does this help:
EAP-TLS
EAP-TLS uses the TLS public key certificate authentication mechanism within EAP to provide mutual authentication of client to server and server to client. With EAP-TLS, both the client and the server must be assigned a digital certificate signed by a Certificate Authority (CA) that they both trust.
Found here: https://www.interlinknetworks.com/app_notes/eap-peap.htm
answered Jan 29 at 23:27
Michael ProkopecMichael Prokopec
1,490218
edited Jan 30 at 5:53
answered Jan 29 at 23:27
Michael ProkopecMichael Prokopec
1,490218
answered Jan 29 at 23:27
Michael ProkopecMichael Prokopec
1,490218
answered Jan 29 at 23:27
Michael ProkopecMichael Prokopec
1,490218
1,490218
I'm pretty sure it's not a Firewall issue since WPA-EAP with PEAP works fine with the same exact configuration on the same devices. About the second part of your commentMeans that your client has timed out waiting for a frame that never shows up.: Does this mean that the freeradius server actually should show some request in the log ?
– Kennet Celeste
Jan 30 at 4:06
Yes, it most certainly does mean that it should, but as you say it hasn't. That means that the attempted communication is either being dropped, lost or corrupted in route hence my firewall theory.
– Michael Prokopec
Jan 30 at 5:44
EAP-TLS uses the same ports as PEAP. 2083 is used by RADsec, which is something else. Nonetheless, the OP seems more interested in counter-debating what is being said and asked than improving its question to get to the bottom of it. I have had enough of it.
– Rui F Ribeiro
Jan 30 at 7:45
1
@RuiFRibeiro I'm using two self signed certificates. I don't know how todetail the certificates configuration/how they were created both in the FR server and the client side? what exactly do you need to know about certificates so that I can add it to the question? e.g. the commands that I use to create certificate ?
– Kennet Celeste
Jan 30 at 14:23
add a comment |
I'm pretty sure it's not a Firewall issue since WPA-EAP with PEAP works fine with the same exact configuration on the same devices. About the second part of your commentMeans that your client has timed out waiting for a frame that never shows up.: Does this mean that the freeradius server actually should show some request in the log ?
– Kennet Celeste
Jan 30 at 4:06
Yes, it most certainly does mean that it should, but as you say it hasn't. That means that the attempted communication is either being dropped, lost or corrupted in route hence my firewall theory.
– Michael Prokopec
Jan 30 at 5:44
EAP-TLS uses the same ports as PEAP. 2083 is used by RADsec, which is something else. Nonetheless, the OP seems more interested in counter-debating what is being said and asked than improving its question to get to the bottom of it. I have had enough of it.
– Rui F Ribeiro
Jan 30 at 7:45
1
@RuiFRibeiro I'm using two self signed certificates. I don't know how todetail the certificates configuration/how they were created both in the FR server and the client side? what exactly do you need to know about certificates so that I can add it to the question? e.g. the commands that I use to create certificate ?
– Kennet Celeste
Jan 30 at 14:23
I'm pretty sure it's not a Firewall issue since WPA-EAP with PEAP works fine with the same exact configuration on the same devices. About the second part of your comment
Means that your client has timed out waiting for a frame that never shows up.: Does this mean that the freeradius server actually should show some request in the log ?– Kennet Celeste
Jan 30 at 4:06
I'm pretty sure it's not a Firewall issue since WPA-EAP with PEAP works fine with the same exact configuration on the same devices. About the second part of your comment
Means that your client has timed out waiting for a frame that never shows up.: Does this mean that the freeradius server actually should show some request in the log ?– Kennet Celeste
Jan 30 at 4:06
Yes, it most certainly does mean that it should, but as you say it hasn't. That means that the attempted communication is either being dropped, lost or corrupted in route hence my firewall theory.
– Michael Prokopec
Jan 30 at 5:44
Yes, it most certainly does mean that it should, but as you say it hasn't. That means that the attempted communication is either being dropped, lost or corrupted in route hence my firewall theory.
– Michael Prokopec
Jan 30 at 5:44
EAP-TLS uses the same ports as PEAP. 2083 is used by RADsec, which is something else. Nonetheless, the OP seems more interested in counter-debating what is being said and asked than improving its question to get to the bottom of it. I have had enough of it.
– Rui F Ribeiro
Jan 30 at 7:45
EAP-TLS uses the same ports as PEAP. 2083 is used by RADsec, which is something else. Nonetheless, the OP seems more interested in counter-debating what is being said and asked than improving its question to get to the bottom of it. I have had enough of it.
– Rui F Ribeiro
Jan 30 at 7:45
1
1
@RuiFRibeiro I'm using two self signed certificates. I don't know how to
detail the certificates configuration/how they were created both in the FR server and the client side ? what exactly do you need to know about certificates so that I can add it to the question? e.g. the commands that I use to create certificate ?– Kennet Celeste
Jan 30 at 14:23
@RuiFRibeiro I'm using two self signed certificates. I don't know how to
detail the certificates configuration/how they were created both in the FR server and the client side ? what exactly do you need to know about certificates so that I can add it to the question? e.g. the commands that I use to create certificate ?– Kennet Celeste
Jan 30 at 14:23
add a comment |
Thanks for contributing an answer to Unix & Linux Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f497522%2fwpa-supplicant-doesnt-connect-using-ieee8021x%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
We are not able to understand what is happening if you do not edit the question and detail the certificates configuration/how they were created both in the FR server and the client side.
– Rui F Ribeiro
Jan 29 at 18:58
@RuiFRibeiro I understand , however the freeradius does not even get any packet from the client. How can this be certificate problem?
– Kennet Celeste
Jan 29 at 20:59
If somewhat the certificates/server is not trusted by the client/OS, it wont send anything. The certificates are there to establish a relation of trust, which obviously has some loose end.
– Rui F Ribeiro
Jan 29 at 21:00
1
@RuiFRibeiro I'm using two self signed certificates. I don't know how to detail the certificates configuration/how they were created both in the FR server and the client side ? what exactly do you need to know about certificates so that I can add it to the question? e.g. the commands that I use to create certificate ?
– Kennet Celeste
Jan 30 at 14:27