https://bugzilla.novell.com/show_bug.cgi?id=465054 Summary: NetworkManager won't ignore an untrusted AP certificate Product: openSUSE 11.1 Version: Final Platform: x86-64 OS/Version: openSUSE 11.1 Status: NEW Severity: Major Priority: P5 - None Component: Network AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: DHWalker@ucdavis.edu QAContact: qa@suse.de Found By: Community User If NetworkManager tries to connect to a wireless AP using WPA / PEAP, and that AP is using a certificate that isn't trusted, the user is asked what to do, Ignore the problem or choose a CA certificate. Clicking the either button doesn't seem to do any good, though. (In fact, it doesn't always prompt the user in the first place.) I had to do the research to find out what CA certificate is used by the AP and explicitly load it in the connect dialog. Here are relevant records from /var/log/wpa_supplicant.log: Trying to associate with 00:0b:86:f4:45:e0 (SSID='moobilenetx' freq=2437 MHz) Associated with 00:0b:86:f4:45:e0 CTRL-EVENT-EAP-STARTED EAP authentication started CTRL-EVENT-EAP-METHOD EAP vendor 0 method 25 (PEAP) selected TLS: Certificate verification failed, error 20 (unable to get local issuer certificate) depth 0 for '/C=US/ST=California/L=Davis/O=University of California Davis/OU=NOC/CN=core-wls.ucdavis.edu' SSL: SSL3 alert: write (local SSL3 detected an error):fatal:unknown CA OpenSSL: tls_connection_handshake - SSL_connect error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed CTRL-EVENT-DISCONNECTED - Disconnect event - remove keys -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.