Even after updating to new network-manager and network-manager-gnome, I'm still having problems using a CA certificate. If I add my University's certificate (through the nm-applet dialog) then I get and error in wpa_supplicant.log, and the connection fails:
CTRL-EVENT-EAP-STARTED EAP authentication started CTRL-EVENT-EAP-METHOD EAP vendor 0 method 13 (TLS) selected TLS: Certificate verification failed, error 19 (self signed certificate in certificate chain) depth 2 for '/DC=edu/DC=marshall/CN=Marshall University Root CA' SSL: SSL3 alert: write (local SSL3 detected an error):fatal:unknown CA OpenSSL: tls_connection_handshake - SSL_connect error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed CTRL-EVENT-EAP-FAILURE EAP authentication failed If I delete the CA cert from the applet setup, then I get a pop-up window warning that not using a CA certificate can result in connections to insecure networks, etc, but if I click through the warning (click the Ignore button), then I do connect successfully, and wpa_supplicant.log shows: Trying to associate with 00:16:9c:93:c9:b0 (SSID='MU WiFi' freq=2462 MHz) CTRL-EVENT-EAP-SUCCESS EAP authentication completed successfully (based on lower layer success) WPA: EAPOL-Key Replay Counter did not increase - dropping packet Associated with 00:16:9c:93:c9:b0 WPA: Key negotiation completed with 00:16:9c:93:c9:b0 [PTK=CCMP GTK=CCMP] CTRL-EVENT-CONNECTED - Connection to 00:16:9c:93:c9:b0 completed (reauth) [id=0 id_str=] So it's working, sort of, but I can't use the CA cert from my University. I tried Björn Torkelsson's suggestion (add CA cert to /etc/ssl/certs/ and run 'update-ca-certificates --fresh') but that didn't seem to make any difference. -- [Intrepid] iwl3945 + iwl4965 -- network-manager will not connect to a WPA EAP (Enterprise) network (disassociating by local choice (reason=3) ) https://bugs.launchpad.net/bugs/272185 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
