wpa_supplicant 802.1x how to convert certnew.cer to ca.pem

81 views
Skip to first unread message

conv

unread,
Dec 14, 2006, 2:03:57 PM12/14/06
to Linux Users Group
Hi All:
I am trying to establish my wifi on FC6. It works ok at home with
WPA-PSK.
However at office, we are using 802.1x. I manage to download the
certnew.cer
created by the microsoft certficate server. I ran the following
command at it
to create the ca.pem file.

openssl x509 -in ./certnew.cer -inform DER -out /etc/cert/ca.pem
-outform PEM

But wpa_supplicant seems to reject it.

Stopping wpa_supplicant: [FAILED]
Starting wpa_supplicant: -ieth1 -DwextLine 26: failed to parse ca_cert
'/etc/cert/ca.pem'.
Line 26: failed to parse ca_cert '/etc/cert/ca.pem'.
Line 30: WPA-PSK accepted for key management, but no PSK configured.
Line 30: failed to parse network block.
Failed to read read or parse configuration
'/etc/wpa_supplicant/wpa_supplicant.conf'.

Thanks for the help

santoniu

unread,
Dec 15, 2006, 6:57:48 PM12/15/06
to Linux Users Group
WPA supplicant expects to find the certificate private key inside the
PEM file.
An usable PEM file should look like this:

-----BEGIN RSA PRIVATE KEY-----
[ RSA KEY DATA ]
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
[ CERTIFICATE DATA ]
-----END CERTIFICATE-----

Get the server's private key, certnew.key, then do:
cat certnew.key > certnew.pem
cat certnew.cer >> certnew.pem

This should fix your 802.1x authentication problem. If not, try google
and MSDN.

George

Reply all
Reply to author
Forward
0 new messages