Created attachment 374241 [details] wpa_supplicant log using networkmanager Description of problem: I can't connect to my university wpa eap-tls network after upgrading to fedora 12. On fedora 11 I was able to connect to that network with the same .p12 certificate. Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. openssl pkcs12 -cacerts -in CertificatoASI.p12 -out asi.pem 2. configure NetworkManager (WPA, TLS, CA=asi.pem, private key=CertificatoASI.p12) 3. connect to network Actual results: Connection fails with an openssl error Expected results: Succesful connection Additional info: I also tried using wpa_supplicant directly, conf. file attached
Created attachment 374242 [details] wpa_supplicant configuration following instructions from my university
In the log I see that the private key load failed. What kind of the private key is that - RSA or DSA? Are you able to extract it out of the pkcs12 file with openssl pkcs12 -in CertificatoASI.p12 -nocerts -out key?
I can extract the key with no errors. I don't know the kind of the key but I think that's RSA. Running openssl rsa -in key -text -noout prints information about the key. Running openssl dsa -in key -text -noout gives : read DSA key Enter pass phrase for key: unable to load Key 140533299726152:error:06078081:digital envelope routines:EVP_PKEY_get1_DSA:expecting a dsa key:p_lib.c:308: Don't know if this is useful but running: openssl pkcs12 -in CertificatoASI.p12 -info -noout gives me: Enter Import Password: MAC Iteration 2048 MAC verified OK PKCS7 Encrypted data: pbeWithSHA1And40BitRC2-CBC, Iteration 2048 Certificate bag Certificate bag PKCS7 Data Shrouded Keybag: pbeWithSHA1And3-KeyTripleDES-CBC, Iteration 2048 Sorry, I don't know much about openssl and this stuff but I'll try to provide all the information that you require.
This looks like the same problem as bug 538851. Although in your case it does not crash. I wonder what is the difference.
Can you please try the wpa_supplicant patch I've attached to the bug 538851?
It works, thank you very much.
OK, back to wpa_supplicant.
wpa_supplicant-0.6.8-8.fc12 has been submitted as an update for Fedora 12. http://admin.fedoraproject.org/updates/wpa_supplicant-0.6.8-8.fc12
wpa_supplicant-0.6.8-8.fc11 has been submitted as an update for Fedora 11. http://admin.fedoraproject.org/updates/wpa_supplicant-0.6.8-8.fc11
wpa_supplicant-0.6.8-8.fc12 has been pushed to the Fedora 12 stable repository. If problems still persist, please make note of it in this bug report.
wpa_supplicant-0.6.8-8.fc11 has been pushed to the Fedora 11 stable repository. If problems still persist, please make note of it in this bug report.
Issue is fixed for me on F12.