On Thu, 2009-12-03 at 10:35 -0600, Peter Van Lone wrote:
I am not able to connect to my companies WPA2 enterprise wireless.
A windows-savvy network friend of mine says he thinks the problem is:
the company is not using client-side certificates AFAIK. The problem
is probably that the certificate is invalid (expired) because our PKI
at the company is not properly configured. You will need to get SLED
to trust the invalid certificate presented during connection time. I
know where this option is in Windows but not in the EAP supplicant.
I can see in NM the option to use system CA certificates -- I wonder
if I need to add the company CA cert to the system cert store? Is this
done using NM, in some fashion?
I don't believe that wpa_supplicant has this option, and thus NM doesn't
have this option either. You could simply not supply a CA certificate
at all (which NM will accept) but this will decrease your overall
security by allowing man-in-the-middle attacks. Basically, your
network's sysadmin needs to get a new CA certificate.
Dan
___
NetworkManager-list mailing list
NetworkManager-list@gnome.org
http://mail.gnome.org/mailman/listinfo/networkmanager-list