http://bugzilla.novell.com/show_bug.cgi?id=575470 http://bugzilla.novell.com/show_bug.cgi?id=575470#c0 Summary: EAP-TLS Connection not working wpasupplicant errors w/ NetworkManager Classification: openSUSE Product: openSUSE 11.2 Version: Final Platform: x86-64 OS/Version: openSUSE 11.2 Status: NEW Severity: Normal Priority: P5 - None Component: Network AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: ben.kevan@bio-rad.com QAContact: qa@suse.de Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US) AppleWebKit/532.8 (KHTML, like Gecko) Chrome/4.0.303.0 Safari/532.8 Trying to connect to Wireless which is EAP-TLS (WPA2). I get the following error in /var/log/wpa_supplicant.log Trying to associate with 00:25:84:fe:c7:60 (SSID='@SID' freq=2462 MHz) Association request to the driver failed Associated with 00:25:84:fe:c7:60 CTRL-EVENT-EAP-STARTED EAP authentication started OpenSSL: tls_connection_ca_cert - Failed to parse ca_cert_blob error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag OpenSSL: pending error: error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error TLS: Failed to set TLS connection parameters EAP-TLS: Failed to initialize SSL. CTRL-REQ-PASSPHRASE-0:Private key passphrase needed for SSID @SID EAP: Failed to initialize EAP method: vendor 0 method 13 (TLS) The keys I'm using were exported from Windows w/ Private Key.. The keys were extracted with: openssl pkcs12 -in Ben_Kevan_Oct_8_2010.pfx -out bkevancacert.pem -cacerts -nokeys openssl pkcs12 -in Ben_Kevan_Oct_8_2010.pfx -out bkevanclcert.pem -clcerts -nokeys openssl pkcs12 -in Ben_Kevan_Oct_8_2010.pfx -out bkevanclcert.pem -nocerts In KNetworkManager I use: bkevanclcert.pem for User Certificate bkevancacert.pem for CA Cert bkevankey.pem for Private Key (with the associated password during export). Here's the associated stuff from /var/log/NetworkManager: Jan 29 15:47:37 HCSUSE05006060 NetworkManager: <info> Activation (wlan0) starting connection '@SID' Jan 29 15:47:37 HCSUSE05006060 NetworkManager: <info> (wlan0): device state change: 3 -> 4 (reason 0) Jan 29 15:47:37 HCSUSE05006060 NetworkManager: <info> Activation (wlan0) Stage 1 of 5 (Device Prepare) scheduled... Jan 29 15:47:37 HCSUSE05006060 NetworkManager: <info> Activation (wlan0) Stage 1 of 5 (Device Prepare) started... Jan 29 15:47:37 HCSUSE05006060 NetworkManager: <info> Activation (wlan0) Stage 2 of 5 (Device Configure) scheduled... Jan 29 15:47:37 HCSUSE05006060 NetworkManager: <info> Activation (wlan0) Stage 1 of 5 (Device Prepare) complete. Jan 29 15:47:37 HCSUSE05006060 NetworkManager: <info> Activation (wlan0) Stage 2 of 5 (Device Configure) starting... Jan 29 15:47:37 HCSUSE05006060 NetworkManager: <info> (wlan0): device state change: 4 -> 5 (reason 0) Jan 29 15:47:37 HCSUSE05006060 NetworkManager: <info> Activation (wlan0/wireless): access point '@SID' has security, but secrets are required. Am I exporting the keys wrong with openssl? Reproducible: Always Steps to Reproduce: See above notes Actual Results: Doesn't Connect Expected Results: Would like to connect -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.