I just realised that I can put the issue in a simpler realm (not requiring any externally written client-code files ) ::<br><br>I am unable to get "TLS-authentication" working, when a "Fedora-17-client" tries to connect to a "WPA/WPA2-Enterprise network" through "gnome-shell-applet", via Freeradius-running-on-Fedora-17".<br>
<br><br><br><br><div class="gmail_quote">On Sun, Jan 6, 2013 at 7:31 PM, Ajay Garg <span dir="ltr"><<a href="mailto:ajaygargnsit@gmail.com" target="_blank">ajaygargnsit@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Hi all.<br><br>I have been facing a very particular issue, when trying to connect to a WPA/WPA-2 Enterprise connection via "TLS authentication"<br>(note that "TTLS" and "PEAP" authentication work perfect).<br>
<br>Settings ::<br><br>a)<br>As per <a href="http://cgit.freedesktop.org/NetworkManager/NetworkManager/tree/examples/python/add-system-wifi-connection.py" target="_blank">http://cgit.freedesktop.org/NetworkManager/NetworkManager/tree/examples/python/add-system-wifi-connection.py</a>, the code is written on a Fedora-18 base, using NM0.9<br>
(this code is wriiten on the "client" computers, that wish to connect to the "TLS authenticated" WPA/WPA2-Enterprise network).<br><br><br><br>b)<br>Freeradius is being used as the user-authentication server.<br>
<br><br><br>c)<br>Now, when freeradius is being used on a Fedora-14 base, the "TLS" authentication works fine.<br>I do the following, to generate the certificates required for TLS ::<br><br> su -<br>
cd /etc/raddb/certs<br> make clean<br> make client.pem<br><br>I then fill in the following fields (on the client-side)::<br><br><pre><code> 'client-cert': path_to_value(</code><code>"client.p12/generated/on/freeradius/on/Fedora14"</code><code>),
'ca-cert': path_to_value(</code><code>"ca.pem/generated/on/freeradius/on/Fedora14"</code><code>),
'private-key': path_to_value(</code><code>"client.p12/generated/on/freeradius/on/Fedora14"</code><code>),</code></pre><br>The client gets connected flawlessly to the wifi-network :)<br>
<br><br><br>d)<br>However, when freeradius is used on a Fedora-18 base, the "TLS" authentication does not work fine.<br><br>I follow the same procedure to generate the certificates ::<br><br> su -<br>
cd /etc/raddb/certs<br> make clean<br> make client.pem<br><br><br>and then fill up the values as ::<br><br><pre><code> 'client-cert': path_to_value(</code><code>"client.p12/generated/on/freeradius/on/Fedora17"</code><code>),
'ca-cert': path_to_value(</code><code>"ca.pem/generated/on/freeradius/on/Fedora17"</code><code>),
'private-key': path_to_value(</code><code>"client.p12/generated/on/freeradius/on/Fedora17"</code><code>),<br><br><br></code></pre>However, now the wifi-network is not connected; there are "Access-Reject" messages in freeradius-logs.<br>
<br><br><br>Has there been a change in the way certificates are to generated/deployed when using Free-radius on Fedora-17?<br>Or there needs to be a change in the NM-client-side-code?<br><br><br><br><br>I will be grateful for a reply.<br>
<br><br><br><br>Regards,<br>Ajay<br>
</blockquote></div><br><br clear="all"><br>-- <br>Regards,<br>Ajay<br>