Re: NM 0.7.0 on SLED11

On Thu, 2009-12-03 at 10:35 -0600, Peter Van Lone wrote:
> I am not able to connect to my companies WPA2 enterprise wireless.
> A windows-savvy network friend of mine says he thinks the problem is:
> "the company is not using client-side certificates AFAIK. The problem
> is probably that the certificate is invalid (expired) because our PKI
> at the company is not properly configured. You will need to get SLED
> to trust the invalid certificate presented during connection time. I
> know where this option is in Windows but not in the EAP supplicant."
> I can see in NM the option to use "system CA certificates" -- I wonder
> if I need to add the company CA cert to the system cert store? Is this
> done using NM, in some fashion?

I don't believe that wpa_supplicant has this option, and thus NM doesn't
have this option either.  You could simply not supply a CA certificate
at all (which NM will accept) but this will decrease your overall
security by allowing man-in-the-middle attacks.  Basically, your
network's sysadmin needs to get a new CA certificate.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]