Bug 462705 - Add p12 cert support to NetworkManager
Add p12 cert support to NetworkManager
Status: CLOSED NEXTRELEASE
Product: Fedora
Classification: Fedora
Component: NetworkManager (Show other bugs)
rawhide
All Linux
medium Severity high
: ---
: ---
Assigned To: Dan Williams
Fedora Extras Quality Assurance
: FutureFeature
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2008-09-18 10:05 EDT by Traxtopel
Modified: 2008-12-21 18:42 EST (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-12-21 18:38:21 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Traxtopel 2008-09-18 10:05:20 EDT
Description of problem:
NetworkManager does not currently support p12 certificates, can support be added.

Current wpa-supplicant supports p12 certs.
Comment 1 John Walicki 2008-09-19 00:40:14 EDT
This is a usability issue that causes users much frustration.  Splitting the .p12 requires a variety of command line "geeky" tools.  NetworkManager should handle the extraction of the required certificate information from the .p12 without burdening the user.

The UI should prompt optionally for the .p12 and automagically take care of it.

over 25000 IBMers have use .p12 to connect to wireless via EAP/TLS
Comment 2 Traxtopel 2008-10-10 08:51:36 EDT
Dan,
from what I understand the following config works for IBM´ers

# IBM EAP-TLS
network={
        ssid="IBM"
        scan_ssid=1
        eap=TLS
        key_mgmt=IEEE8021X
        pairwise=TKIP
        group=WEP104
        identity="user@xx.ibm.com"
        private_key="/path/to/user*.p12"
        private_key_passwd="topsecret"
        eapol_flags=3
}

So I suspect if you would allow input with
WPA/WPA2 Enterprise
TLS
identity
private_key (can you add p12 to the list of accepted files here)
private_key_passwd

This would be suffice, currently it requires also the User Certificate & CA Certificate.
Comment 3 Fedora Update System 2008-11-23 17:55:04 EST
NetworkManager-pptp-0.7.0-0.12.svn4326.fc10,NetworkManager-openvpn-0.7.0-16.svn4326.fc10,NetworkManager-vpnc-0.7.0-0.11.svn4326.fc10,NetworkManager-0.7.0-0.12.svn4326.fc10 has been submitted as an update for Fedora 10.
http://admin.fedoraproject.org/updates/NetworkManager-pptp-0.7.0-0.12.svn4326.fc10,NetworkManager-openvpn-0.7.0-16.svn4326.fc10,NetworkManager-vpnc-0.7.0-0.11.svn4326.fc10,NetworkManager-0.7.0-0.12.svn4326.fc10
Comment 4 Fedora Update System 2008-11-23 18:04:47 EST
NetworkManager-0.7.0-0.12.svn4326.fc9,NetworkManager-vpnc-0.7.0-0.11.svn4326.fc9,NetworkManager-openvpn-0.7.0-16.svn4326.fc9,NetworkManager-pptp-0.7.0-0.12.svn4326.fc9 has been submitted as an update for Fedora 9.
http://admin.fedoraproject.org/updates/NetworkManager-0.7.0-0.12.svn4326.fc9,NetworkManager-vpnc-0.7.0-0.11.svn4326.fc9,NetworkManager-openvpn-0.7.0-16.svn4326.fc9,NetworkManager-pptp-0.7.0-0.12.svn4326.fc9
Comment 5 Fedora Update System 2008-11-23 18:07:20 EST
NetworkManager-0.7.0-0.12.svn4326.fc8,NetworkManager-vpnc-0.7.0-0.11.svn4326.fc8,NetworkManager-openvpn-0.7.0-16.svn4326.fc8,NetworkManager-pptp-0.7.0-0.12.svn4326.fc8 has been submitted as an update for Fedora 8.
http://admin.fedoraproject.org/updates/NetworkManager-0.7.0-0.12.svn4326.fc8,NetworkManager-vpnc-0.7.0-0.11.svn4326.fc8,NetworkManager-openvpn-0.7.0-16.svn4326.fc8,NetworkManager-pptp-0.7.0-0.12.svn4326.fc8
Comment 6 Fedora Update System 2008-11-26 01:14:52 EST
NetworkManager-0.7.0-0.12.svn4326.fc8, NetworkManager-vpnc-0.7.0-0.11.svn4326.fc8, NetworkManager-openvpn-0.7.0-16.svn4326.fc8, NetworkManager-pptp-0.7.0-0.12.svn4326.fc8 has been pushed to the Fedora 8 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing-newkey update NetworkManager NetworkManager-vpnc NetworkManager-openvpn NetworkManager-pptp'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F8/FEDORA-2008-10263
Comment 7 Fedora Update System 2008-11-26 01:18:53 EST
NetworkManager-0.7.0-0.12.svn4326.fc9, NetworkManager-vpnc-0.7.0-0.11.svn4326.fc9, NetworkManager-openvpn-0.7.0-16.svn4326.fc9, NetworkManager-pptp-0.7.0-0.12.svn4326.fc9 has been pushed to the Fedora 9 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing-newkey update NetworkManager NetworkManager-vpnc NetworkManager-openvpn NetworkManager-pptp'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F9/FEDORA-2008-10321
Comment 8 Fedora Update System 2008-11-26 01:22:45 EST
NetworkManager-pptp-0.7.0-0.12.svn4326.fc10, NetworkManager-openvpn-0.7.0-16.svn4326.fc10, NetworkManager-vpnc-0.7.0-0.11.svn4326.fc10, NetworkManager-0.7.0-0.12.svn4326.fc10 has been pushed to the Fedora 10 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 9 Fedora Update System 2008-12-21 18:37:19 EST
NetworkManager-0.7.0-0.12.svn4326.fc9, NetworkManager-vpnc-0.7.0-0.11.svn4326.fc9, NetworkManager-openvpn-0.7.0-16.svn4326.fc9, NetworkManager-pptp-0.7.0-0.12.svn4326.fc9 has been pushed to the Fedora 9 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 10 Fedora Update System 2008-12-21 18:42:33 EST
NetworkManager-0.7.0-0.12.svn4326.fc8, NetworkManager-vpnc-0.7.0-0.11.svn4326.fc8, NetworkManager-openvpn-0.7.0-16.svn4326.fc8, NetworkManager-pptp-0.7.0-0.12.svn4326.fc8 has been pushed to the Fedora 8 stable repository.  If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.