http://bugzilla.novell.com/show_bug.cgi?id=532810 Summary: knm4 fails to connect to wpa eap if the supplied certificates are not trusted (self-signed) Classification: openSUSE Product: openSUSE 11.2 Version: Factory Platform: Other OS/Version: Other Status: NEW Severity: Normal Priority: P5 - None Component: KDE4 Applications AssignedTo: kde-maintainers@suse.de ReportedBy: sven.burmeister@gmx.net QAContact: qa@suse.de Found By: --- Created an attachment (id=314246) --> (http://bugzilla.novell.com/attachment.cgi?id=314246) certificate chain User-Agent: Mozilla/5.0 (X11; U; Linux i686; de; rv:1.9.1.2) Gecko/20090730 SUSE/3.5.2-2.4 Firefox/3.5.2 If one uses a certificate-chain, such as the one attached, knm4 fails to connect. wpa_supplicant log shows: Trying to associate with 00:23:eb:0c:26:b0 (SSID='eduroam' freq=2412 MHz) Association request to the driver failed CTRL-EVENT-DISCONNECTED - Disconnect event - remove keys CTRL-EVENT-DISCONNECTED - Disconnect event - remove keys Associated with 00:23:eb:0c:26:b0 CTRL-EVENT-EAP-STARTED EAP authentication started CTRL-EVENT-EAP-METHOD EAP vendor 0 method 21 (TTLS) selected TLS: Certificate verification failed, error 19 (self signed certificate in certificate chain) depth 3 for '/C=DE/O=Deutsche Telekom AG/OU=T-TeleSec Trust Center/CN=Deutsche Telekom Root CA 2' SSL: SSL3 alert: write (local SSL3 detected an error):fatal:unknown CA OpenSSL: tls_connection_handshake - SSL_connect error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed CTRL-EVENT-EAP-FAILURE EAP authentication failed If one installs the Deutsche Telekom certificate into /etc/ssl/certs, it works. Expected behaviour, if the user supplies a certificate chain, trust it. If this is not a knm4 but NetworkManager or openssl/wpa_supplicant issue, please re-assign. Reproducible: Always -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.