[Bug 120363] Re: NetworkManager should support smartcard based certificate

Arnaud arnaud.morin at gmail.com
Wed Jun 2 16:22:35 BST 2010 

I am currently trying to use the pkcs11-* entries for my network.
I successfully made it work with wpa_supplicant, but I can't with NM.

Here is my 802-1x portion

[802-1x]
eap=tls;
identity=mymail at mynetwork.com
password=xxxx
ca-cert=/etc/mycrt/a.crt
pkcs11-module-path=/usr/lib/opensc/opensc-pkcs11.so
pkcs11-engine-path=/usr/lib/engines/engine_pkcs11.so
pkcs11-slot=4
pkcs11-client-cert=45
pkcs11-private-key=45
pin=0000


Here is a log from /var/log/syslog
Jun  2 17:19:50 l-at12094 NetworkManager: <info>  Activation (wlan0) starting connection 'WifiFT_WPA2'
Jun  2 17:19:50 l-at12094 NetworkManager: <info>  (wlan0): device state change: 3 -> 4 (reason 0)
Jun  2 17:19:50 l-at12094 NetworkManager: <info>  Activation (wlan0) Stage 1 of 5 (Device Prepare) scheduled...
Jun  2 17:19:50 l-at12094 NetworkManager: <info>  Activation (wlan0) Stage 1 of 5 (Device Prepare) started...
Jun  2 17:19:50 l-at12094 NetworkManager: <info>  Activation (wlan0) Stage 2 of 5 (Device Configure) scheduled...
Jun  2 17:19:50 l-at12094 NetworkManager: <info>  Activation (wlan0) Stage 1 of 5 (Device Prepare) complete.
Jun  2 17:19:50 l-at12094 NetworkManager: <info>  Activation (wlan0) Stage 2 of 5 (Device Configure) starting...
Jun  2 17:19:50 l-at12094 NetworkManager: <info>  (wlan0): device state change: 4 -> 5 (reason 0)
Jun  2 17:19:50 l-at12094 NetworkManager: need_secrets_tls: unknown private key scheme 0
Jun  2 17:19:50 l-at12094 NetworkManager: <info>  Activation (wlan0/wireless): access point 'WifiFT_WPA2' has security, but secrets are required.
Jun  2 17:19:50 l-at12094 NetworkManager: <info>  (wlan0): device state change: 5 -> 6 (reason 0)
Jun  2 17:19:50 l-at12094 NetworkManager: need_secrets_tls: unknown private key scheme 0
Jun  2 17:19:50 l-at12094 NetworkManager: <info>  Activation (wlan0) Stage 2 of 5 (Device Configure) complete.
Jun  2 17:19:50 l-at12094 NetworkManager: <info>  Activation (wlan0) Stage 1 of 5 (Device Prepare) scheduled...
Jun  2 17:19:50 l-at12094 NetworkManager: <info>  Activation (wlan0) Stage 1 of 5 (Device Prepare) started...
Jun  2 17:19:50 l-at12094 NetworkManager: <info>  (wlan0): device state change: 6 -> 4 (reason 0)


Am I missing something?
I am wondering if the ca-certificate has to be inside the smartcard? (mine is in my filesystem)


Thank you for any help

-- 
NetworkManager should support smartcard based certificate
https://bugs.launchpad.net/bugs/120363
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is a direct subscriber.

Status in “network-manager” package in Ubuntu: Triaged

Bug description:
Binary package hint: network-manager

In our organization we use WPA -TKIP -TLS with certificates stored in smartcards.
I guess wpa_supplicant can support smartcards througt defining an external engine. (opensc or openssl)
NetworkManager's gui for wpa enterprise doesn't have any option to use smartcards.

I think it would be very usefull

More information about the Ubuntu-sponsors mailing list