On ubuntu 9.10 (karmic) I'm unable to connect to a wireless network
using PEAP/mschapv2. Looking at the syslog, it seems that OpenSSL
isn't recognizing the root CA:
Nov 18 09:37:35 my_laptop wpa_supplicant[1587]: CTRL-EVENT-EAP-METHOD
EAP vendor 0 method 25 (PEAP) selected
Nov 18 09:37:35 my_laptop wpa_supplicant[1587]: TLS: Certificate
verification failed, error 19 (self signed certificate in certificate
chain) depth 2 for '/C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class
2 Certification Authority'
Nov 18 09:37:35 my_laptop wpa_supplicant[1587]: SSL: SSL3 alert: write
(local SSL3 detected an error):fatal:unknown CA
Nov 18 09:37:35 my_laptop wpa_supplicant[1587]: OpenSSL:
tls_connection_handshake - SSL_connect error:14090086:SSL
routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Nov 18 09:37:35 my_laptop wpa_supplicant[1587]: CTRL-EVENT-EAP-FAILURE
EAP authentication failed
What's my next step? Do I need to do something to authorize the
GoDaddy CA? I've been googling like mad without making any headway.
I've also tried using openssl verify, but I either get a simple 'ok',
or it errors out complaining about not getting a crl (if I try to
verify the certificate chain).
--Andy
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
