If I try to connect with a fresh setup from the network manager gui, it works but /var/log/wpa_supplicant.log contains:
CTRL-EVENT-SCAN-RESULTS
Associated with 00:1e:be:a7:f6:90
CTRL-EVENT-EAP-STARTED EAP authentication started
CTRL-EVENT-EAP-METHOD EAP vendor 0 method 21 (TTLS) selected
OpenSSL: tls_connection_handshake - Failed to read possible Application Data error:00000000:lib(0):func(0):reason(0)
CTRL-EVENT-EAP-SUCCESS EAP authentication completed successfully
WPA: Key negotiation completed with 00:1e:be:a7:f6:90 [PTK=TKIP GTK=TKIP]
CTRL-EVENT-CONNECTED - Connection to 00:1e:be:a7:f6:90 completed (reauth) [id=0 id_str=]
So it seems it didn't succeed to validate the certificate... but it continues (dangerous)
If I try to update the settings, it doesn't work because of a self-certificate in the certificate chain:
Associated with 00:1e:be:a8:38:20
CTRL-EVENT-SCAN-RESULTS
CTRL-EVENT-EAP-STARTED EAP authentication started
CTRL-EVENT-EAP-METHOD EAP vendor 0 method 21 (TTLS) selected
TLS: Certificate verification failed, error 19 (self signed certificate in certificate chain) depth 2 for '/C=US/O=GTE Corporation/OU=GTE CyberTrust Solutions, Inc./CN=GTE CyberTrust Global Root'
SSL: SSL3 alert: write (local SSL3 detected an error):fatal:unknown CA
OpenSSL: tls_connection_handshake - SSL_connect error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
CTRL-EVENT-EAP-FAILURE EAP authentication failed
CTRL-EVENT-DISCONNECTED - Disconnect event - remove keys
So my hypothesis is that we have two bugs:
- one with no validation of certificate when settings are new
- one with strange validation of root certificate (of course it's a self certfiicate ! ;-)
I'm not sure it's really solved.
If I try to connect with a fresh setup from the network manager gui, it works but /var/log/ wpa_supplicant. log contains:
CTRL-EVENT- SCAN-RESULTS EAP-STARTED EAP authentication started EAP-METHOD EAP vendor 0 method 21 (TTLS) selected handshake - Failed to read possible Application Data error:00000000: lib(0): func(0) :reason( 0) EAP-SUCCESS EAP authentication completed successfully CONNECTED - Connection to 00:1e:be:a7:f6:90 completed (reauth) [id=0 id_str=]
Associated with 00:1e:be:a7:f6:90
CTRL-EVENT-
CTRL-EVENT-
OpenSSL: tls_connection_
CTRL-EVENT-
WPA: Key negotiation completed with 00:1e:be:a7:f6:90 [PTK=TKIP GTK=TKIP]
CTRL-EVENT-
So it seems it didn't succeed to validate the certificate... but it continues (dangerous)
If I try to update the settings, it doesn't work because of a self-certificate in the certificate chain:
Associated with 00:1e:be:a8:38:20 SCAN-RESULTS EAP-STARTED EAP authentication started EAP-METHOD EAP vendor 0 method 21 (TTLS) selected fatal:unknown CA handshake - SSL_connect error:14090086:SSL routines: SSL3_GET_ SERVER_ CERTIFICATE: certificate verify failed EAP-FAILURE EAP authentication failed DISCONNECTED - Disconnect event - remove keys
CTRL-EVENT-
CTRL-EVENT-
CTRL-EVENT-
TLS: Certificate verification failed, error 19 (self signed certificate in certificate chain) depth 2 for '/C=US/O=GTE Corporation/OU=GTE CyberTrust Solutions, Inc./CN=GTE CyberTrust Global Root'
SSL: SSL3 alert: write (local SSL3 detected an error):
OpenSSL: tls_connection_
CTRL-EVENT-
CTRL-EVENT-
So my hypothesis is that we have two bugs:
- one with no validation of certificate when settings are new
- one with strange validation of root certificate (of course it's a self certfiicate ! ;-)