Created attachment 314248 [details] wpa_supplicant running on the T61 with F9 Description of problem: In the past using NetworkManager 0.6.6 I could connect to EAP using digital certs. I would use the following. ca_certificate.pem client_certificate.cer private_key.pem I would create these files using openssl pkcs12 -clcerts -in name.p12 -out "client_certificate.cer" openssl pkcs12 -cacerts -in name.p12 -out "ca_certificate.pem" openssl pkcs12 -nocerts -in name.p12 -out "private-key.pem" This worked fine with NM 0.6.6 For NM 0.7.0 I now need to replace the "client_certificate.cer" file with openssl pkcs12 -clcerts -in name.p12 -out "user_certificate.pem" However irrespective how I configure NetworkManager, i.e. Security : Dynamic Wep (802.1x) or Security : WPA&WPA2 Enterprise Authentication TLS I cannot connect, using the same files from the command line and manually running wpa_supplicant against a conf file I can. eap-f9-wpa.txt - wpa_supplicant running on the T61 with F9, connecting manually lan0-messages wpa_supplicant.log logs of me trying to connect using NetworkManager
Created attachment 314249 [details] wlan0 messages
Created attachment 314250 [details] wpa-supplicant log
Dan any update here?
I believe .cer format files are actually DER files just with a different extension. I've whitelisted the ".cer" extension upstream in the applet (svn r950) and that should make the next batch of F8, F9, and rawhide updates. Please re-open if the certs aren't recognized by the applet when you try to select them.
Dan - Thanks for the .cer whitelist. I'm uncertain from your comment if this patch will be included in the RHEL 5.3 version of NetworkManager .7 IBM would very much like to have NetworkManager TLS certificate support included in RHEL 5.3
5.3 is pretty much tracking SVN trunk as we wrap up the dev cycle of 0.7, so yes.