I just wanted to say that comment #19 of removing "system-ca-certs=true" from /etc/NetworkManager/system-connections also worked for me. Actually, what I did was set the statement to false. When I re-started the connection, it worked on the next try.
I also did a sudo chmod -w NUwave after the first time it connected, so that should avoid the statement from reappearing since now the file is read-only. Given the connection name, I'm at Northeastern University, which uses WPA2/PEAP/MSCHAP as well.
From /var/log/syslog upon successful authentication:
May 2 13:21:52 wpa_supplicant[1434]: wlan0: CTRL-EVENT-EAP-STARTED EAP authentication started
May 2 13:21:52 wpa_supplicant[1434]: wlan0: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=25
May 2 13:21:52 wpa_supplicant[1434]: wlan0: CTRL-EVENT-EAP-METHOD EAP vendor 0 method 25 (PEAP) selected
May 2 13:21:52 wpa_supplicant[1434]: wlan0: CTRL-EVENT-EAP-PEER-CERT depth=0 subject='/C=US/ST=Massachusetts/L=Boston/O=Northeastern University/OU=IT/CN=wireless.neu.edu'
May 2 13:21:52 wpa_supplicant[1434]: last message repeated 2 times
May 2 13:21:52 Faraday wpa_supplicant[1434]: EAP-MSCHAPV2: Authentication succeeded
Before the statement was switched to false, syslog showed statements like:
May 2 13:02:59 wpa_supplicant[1483]: wlan0: CTRL-EVENT-EAP-STARTED EAP authentication started
May 2 13:02:59 wpa_supplicant[1483]: wlan0: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=25
May 2 13:02:59 wpa_supplicant[1483]: wlan0: CTRL-EVENT-EAP-METHOD EAP vendor 0 method 25 (PEAP) selected
May 2 13:02:59 wpa_supplicant[1483]: TLS: Certificate verification failed, error 20 (unable to get local issuer certificate) depth 0 for '/C=US/ST=Massachusetts/L=Boston/O=Northeastern University/OU=IT/CN=wireless.neu.edu'
May 2 13:02:59 wpa_supplicant[1483]: wlan0: CTRL-EVENT-EAP-TLS-CERT-ERROR reason=1 depth=0 subject='/C=US/ST=Massachusetts/L=Boston/O=Northeastern University/OU=IT/CN=wireless.neu.edu' err='unable to get local issuer certificate'
May 2 13:02:59 wpa_supplicant[1483]: SSL: SSL3 alert: write (local SSL3 detected an error):fatal:unknown CA
May 2 13:02:59 wpa_supplicant[1483]: OpenSSL: openssl_handshake - SSL_connect error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
May 2 13:02:59 wpa_supplicant[1483]: wlan0: CTRL-EVENT-EAP-FAILURE EAP authentication failed
May 2 13:03:00 wpa_supplicant[1483]: wlan0: CTRL-EVENT-DISCONNECTED bssid=00:24:6c:e7:7b:51 reason=6
Before I had tried this, I had attempted to use the certificate that Windows 7 associated with the same NUwave wireless connection, but I was still unsuccessful at authenticating even with that. The odd thing is that a few weeks back when I tested with an Ubuntu 13.04 Beta 2 USB stick it worked fine, but stopped working at some point, and I re-tested with the USB stick today and it still failed, so at that point I knew it wasn't anything package related and stumbled across this bug and solution which fixed it! :)
I just wanted to say that comment #19 of removing "system- ca-certs= true" from /etc/NetworkMan ager/system- connections also worked for me. Actually, what I did was set the statement to false. When I re-started the connection, it worked on the next try.
I also did a sudo chmod -w NUwave after the first time it connected, so that should avoid the statement from reappearing since now the file is read-only. Given the connection name, I'm at Northeastern University, which uses WPA2/PEAP/MSCHAP as well.
From /var/log/syslog upon successful authentication:
May 2 13:21:52 wpa_supplicant[ 1434]: wlan0: CTRL-EVENT- EAP-STARTED EAP authentication started 1434]: wlan0: CTRL-EVENT- EAP-PROPOSED- METHOD vendor=0 method=25 1434]: wlan0: CTRL-EVENT- EAP-METHOD EAP vendor 0 method 25 (PEAP) selected 1434]: wlan0: CTRL-EVENT- EAP-PEER- CERT depth=0 subject= '/C=US/ ST=Massachusett s/L=Boston/ O=Northeastern University/ OU=IT/CN= wireless. neu.edu' 1434]: last message repeated 2 times 1434]: EAP-MSCHAPV2: Authentication succeeded
May 2 13:21:52 wpa_supplicant[
May 2 13:21:52 wpa_supplicant[
May 2 13:21:52 wpa_supplicant[
May 2 13:21:52 wpa_supplicant[
May 2 13:21:52 Faraday wpa_supplicant[
Before the statement was switched to false, syslog showed statements like:
May 2 13:02:59 wpa_supplicant[ 1483]: wlan0: CTRL-EVENT- EAP-STARTED EAP authentication started 1483]: wlan0: CTRL-EVENT- EAP-PROPOSED- METHOD vendor=0 method=25 1483]: wlan0: CTRL-EVENT- EAP-METHOD EAP vendor 0 method 25 (PEAP) selected 1483]: TLS: Certificate verification failed, error 20 (unable to get local issuer certificate) depth 0 for '/C=US/ ST=Massachusett s/L=Boston/ O=Northeastern University/ OU=IT/CN= wireless. neu.edu' 1483]: wlan0: CTRL-EVENT- EAP-TLS- CERT-ERROR reason=1 depth=0 subject= '/C=US/ ST=Massachusett s/L=Boston/ O=Northeastern University/ OU=IT/CN= wireless. neu.edu' err='unable to get local issuer certificate' 1483]: SSL: SSL3 alert: write (local SSL3 detected an error): fatal:unknown CA 1483]: OpenSSL: openssl_handshake - SSL_connect error:14090086:SSL routines: SSL3_GET_ SERVER_ CERTIFICATE: certificate verify failed 1483]: wlan0: CTRL-EVENT- EAP-FAILURE EAP authentication failed 1483]: wlan0: CTRL-EVENT- DISCONNECTED bssid=00: 24:6c:e7: 7b:51 reason=6
May 2 13:02:59 wpa_supplicant[
May 2 13:02:59 wpa_supplicant[
May 2 13:02:59 wpa_supplicant[
May 2 13:02:59 wpa_supplicant[
May 2 13:02:59 wpa_supplicant[
May 2 13:02:59 wpa_supplicant[
May 2 13:02:59 wpa_supplicant[
May 2 13:03:00 wpa_supplicant[
Before I had tried this, I had attempted to use the certificate that Windows 7 associated with the same NUwave wireless connection, but I was still unsuccessful at authenticating even with that. The odd thing is that a few weeks back when I tested with an Ubuntu 13.04 Beta 2 USB stick it worked fine, but stopped working at some point, and I re-tested with the USB stick today and it still failed, so at that point I knew it wasn't anything package related and stumbled across this bug and solution which fixed it! :)