On Mon, Jan 25, 2021 at 09:27:55PM +0100, IB Development Team via networkmanager-list wrote:
network-manager does not verify server certificate name on EAP-TLS WIFI connections: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=981057 Please verify and consider fixing.
Hi, with NM 1.14, just I tried to connect to a EAP-TLS Wi-Fi network with a wrong '802-1x.subject-match' and it failed complaining about the mismatch. I don't have the setup for 'altsubject-matches' and 'domain-suffix-match', I'll try to prepare one. Can you please verify if NetworkManager is passing to wpa_supplicant the right parameters? Try to connect, and then paste the output of: journalctl -u NetworkManager -e | grep "Config: added" It should be something like: NetworkManager[2749]: <info> Config: added 'ssid' value 'wpa2-eap' NetworkManager[2749]: <info> Config: added 'scan_ssid' value '1' NetworkManager[2749]: <info> Config: added 'subject_match' value 'foobar' [...] Also, it would be useful to check wpa_supplicant logs for errors. Beniamino
Attachment:
signature.asc
Description: PGP signature