Network manager cannot connect to WPA2/PEAP/MSCHAPv2 enterprise wifi networks without CA_Certificate, like Eduroam

Status changed to 'Confirmed' because the bug affects multiple users.

I have the same problem. I can not connect to wifi network (WPA and WPA2 Enterprise PEAP, MSCHAPv2 +username/password)
The network manager doesn't accept my password. On last week, it worked well. (2013. 03.15.)

The certificate authority is missing. You may want to add it to the configuration in NetworkManager to point to a CA certificate that can be provided to you by your network administrator:

Jan 24 21:28:21 ubuntu wpa_supplicant[3569]: wlan0: CTRL-EVENT-EAP-METHOD EAP vendor 0 method 25 (PEAP) selected
Jan 24 21:28:21 ubuntu wpa_supplicant[3569]: TLS: Certificate verification failed, error 20 (unable to get local issuer certificate) depth 1 for '/C=SK/L=Bratislava/O=Comenius University/CN=WWW Servers Certification Authority/emailAddress=xxxxxxxxx'
Jan 24 21:28:21 ubuntu wpa_supplicant[3569]: wlan0: CTRL-EVENT-EAP-TLS-CERT-ERROR reason=1 depth=1 subject='/C=SK/L=Bratislava/O=Comenius University/CN=WWW Servers Certification Authority/emailAddress=xxxxxxxx' err='unable to get local issuer certificate'
Jan 24 21:28:21 ubuntu wpa_supplicant[3569]: SSL: SSL3 alert: write (local SSL3 detected an error):fatal:unknown CA
Jan 24 21:28:21 ubuntu wpa_supplicant[3569]: OpenSSL: openssl_handshake - SSL_connect error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Jan 24 21:28:22 ubuntu wpa_supplicant[3569]: wlan0: CTRL-EVENT-EAP-FAILURE EAP authentication failed

I've noticed this too happening with self-signed certificates in universities. The alternative is to edit the connection file in /etc/NetworkManager/system-connections to remove "system-ca-certs=true".

but why only since 13.04 if it worked fine so far. anyway, I have found something here, it should be the certificate, but I haven't got round to try it myself: http://www.lan.kth.se/eduroam/AddTrust_External_CA_Root.pem does it work for you, hepaly?

Hi Zsolt, This problem affects me, when i try to connect to my office network. We never used certificate authority. The wifi network allows the connection, when I use a specific hostname, and username/password. Ubuntu 12.10 is working well. On last week, the wifi connection was OK on ubuntu 13.04.

I got a certificate file (*.crt) from IT, and the connection is working well (with this cert. file). It is interesting, because the 12.10 works without this file.

if it doesn't change, this could mean a serious move-away from ubuntu,
cause I instapped ubuntu to many of my friemds juat because they were
unaboe to connect to eduroam in windows! don't underestimate this, I would
mark this of a very high importanace, being a dev...
On Mar 19, 2013 2:02 PM, "hepaly" <email address hidden> wrote:

> I got a certificate file (*.crt) from IT, and the connection is working
> well (with this cert. file). It is interesting, because the 12.10 works
> without this file.
>
> --
> You received this bug notification because you are subscribed to the bug
> report.
> https://bugs.launchpad.net/bugs/1104476
>
> Title:
> Network manager cannot connect to Eduroam (worldwide WiFi network for
> university students)
>
> Status in “network-manager” package in Ubuntu:
> Invalid
>
> Bug description:
> I can connect to Eduroam in 12.10 and any other previous release, but
> not in 13.04. I checked, my name and password are correct, all
> settings are the same as in 12.10.
>
> Network properties:
>
> security: WPA - WPA2 enterprise
> authentication: protected EAP (PEAP)
> CA certificate: none
> PEAP version: automatic
> inner autentication: MSCHAPv2
> username: (required)
> password: (required)
>
> ProblemType: Bug
> DistroRelease: Ubuntu 13.04
> Package: network-manager 0.9.6.0+git201301021750.e78c3e8-0ubuntu3
> ProcVersionSignature: Ubuntu 3.8.0-1.5-generic 3.8.0-rc4
> Uname: Linux 3.8.0-1-generic i686
> ApportVersion: 2.8-0ubuntu2
> Architecture: i386
> CasperVersion: 1.330
> Date: Thu Jan 24 21:32:25 2013
> IfupdownConfig:
> # interfaces(5) file used by ifup(8) and ifdown(8)
> auto lo
> iface lo inet loopback
> IpRoute:
> default via 192.168.43.1 dev wlan0 proto static
> 169.254.0.0/16 dev wlan0 scope link metric 1000
> 192.168.43.0/24 dev wlan0 proto kernel scope link src
> 192.168.43.149 metric 9
> LiveMediaBuild: Ubuntu 13.04 "Raring Ringtail" - Alpha i386 (20130123)
> MarkForUpload: True
> NetworkManager.state:
> [main]
> NetworkingEnabled=true
> WirelessEnabled=true
> WWANEnabled=true
> WimaxEnabled=true
> ProcEnviron:
> PATH=(custom, no user)
> XDG_RUNTIME_DIR=<set>
> LANG=en_US.UTF-8
> SHELL=/bin/bash
> SourcePackage: network-manager
> UpgradeStatus: No upgrade log present (probably fresh install)
> nmcli-con:
> NAME UUID TYPE
> TIMESTAMP TIMESTAMP-REAL AUTOCONNECT
> READONLY DBUS-PATH
> AndroidAP 978da457-563b-4c59-a894-45eb0f74fcb7
> 802-11-wireless 1359063171 Thu 24 Jan 2013 09:32:51 PM UTC yes
> no /org/freedesktop/NetworkManager/Settings/2
> Wired connection 1 6703fabc-9519-49bd-a4af-45fbfb7d660e
> 802-3-ethernet 1359062570 Thu 24 Jan 2013 09:22:50 PM UTC yes
> no /org/freedesktop/NetworkManager/Settings/1
> eduroam 00f69a95-4a1b-436c-b462-a284f45fbaa1
> 802-11-wireless 1359063171 Thu 24 Jan 2013 09:32:51 PM UTC yes
> no /org/freedesktop/NetworkManager/Settings/0
> nmcli-dev:
> DEVICE TYPE ...

Hi Hepaly,
what kind of certificate did you use? googling around I found (here, for example https://admin.kuleuven.be/icts/english/wifi/eduroam-ubuntu) that with the

/usr/share/ca-certificates/mozilla/AddTrust_External_Root.crt

should work but instead it does not work for me.

alfredo

Here are some screenshots about this issue:
I can connect to office network without using CA certificate file (ubuntu 12.10 live cd):
http://dl.dropbox.com/u/3104528/network_manager_issue/ubuntu12.10_wpa2E.png

Ubuntu 13.04 daily build doesn't accept my password. (using same settings, as ubuntu 12.10):
http://dl.dropbox.com/u/3104528/network_manager_issue/ubuntu13_04wpa2E.png

But if I use the CA certificate file, what I got from IT guys, then the password validation is OK, and it connects to wifi network.
http://dl.dropbox.com/u/3104528/network_manager_issue/ubuntu13_04wpa2E_ok_with_crt.png

Actually it works well using with CA certificate file, but why does the 12.10 work without this file? Is it bug or feature? :)

I'm marking this again as new, cause the definition of invalid says that it should be a support request which it is not, because canonical cannot provide support to solve it.

most people don't know what a CA certificate is, so you can't leave it this way, cause they will say, that ubuntu just cannot connect and they are moving back to windows... you have to consider what normal people will think about this.

I've tried all sorts of certificates in the last few days (searching on google people say to use different types of them) but I couldn't make this work. Moreover the Eduroam site says to leave the certificate field empty. I can connect with my telephone with no problems so I'm sure the problem is not related to my account. I'll check if it works with an older ubuntu version asap.

I have tries with different certificates (cause my school haven't issued
one) and it didn't work. currently there's no way for us to connect to
eduroam in 13.04.
On Mar 25, 2013 10:50 AM, "Alfredo Buttari" <email address hidden>
wrote:

> I've tried all sorts of certificates in the last few days (searching on
> google people say to use different types of them) but I couldn't make
> this work. Moreover the Eduroam site says to leave the certificate field
> empty. I can connect with my telephone with no problems so I'm sure the
> problem is not related to my account. I'll check if it works with an
> older ubuntu version asap.
>
> --
> You received this bug notification because you are subscribed to the bug
> report.
> https://bugs.launchpad.net/bugs/1104476
>
> Title:
> Network manager cannot connect to Eduroam (worldwide WiFi network for
> university students)
>
> Status in “network-manager” package in Ubuntu:
> New
>
> Bug description:
> I can connect to Eduroam in 12.10 and any other previous release, but
> not in 13.04. I checked, my name and password are correct, all
> settings are the same as in 12.10.
>
> Network properties:
>
> security: WPA - WPA2 enterprise
> authentication: protected EAP (PEAP)
> CA certificate: none
> PEAP version: automatic
> inner autentication: MSCHAPv2
> username: (required)
> password: (required)
>
> ProblemType: Bug
> DistroRelease: Ubuntu 13.04
> Package: network-manager 0.9.6.0+git201301021750.e78c3e8-0ubuntu3
> ProcVersionSignature: Ubuntu 3.8.0-1.5-generic 3.8.0-rc4
> Uname: Linux 3.8.0-1-generic i686
> ApportVersion: 2.8-0ubuntu2
> Architecture: i386
> CasperVersion: 1.330
> Date: Thu Jan 24 21:32:25 2013
> IfupdownConfig:
> # interfaces(5) file used by ifup(8) and ifdown(8)
> auto lo
> iface lo inet loopback
> IpRoute:
> default via 192.168.43.1 dev wlan0 proto static
> 169.254.0.0/16 dev wlan0 scope link metric 1000
> 192.168.43.0/24 dev wlan0 proto kernel scope link src
> 192.168.43.149 metric 9
> LiveMediaBuild: Ubuntu 13.04 "Raring Ringtail" - Alpha i386 (20130123)
> MarkForUpload: True
> NetworkManager.state:
> [main]
> NetworkingEnabled=true
> WirelessEnabled=true
> WWANEnabled=true
> WimaxEnabled=true
> ProcEnviron:
> PATH=(custom, no user)
> XDG_RUNTIME_DIR=<set>
> LANG=en_US.UTF-8
> SHELL=/bin/bash
> SourcePackage: network-manager
> UpgradeStatus: No upgrade log present (probably fresh install)
> nmcli-con:
> NAME UUID TYPE
> TIMESTAMP TIMESTAMP-REAL AUTOCONNECT
> READONLY DBUS-PATH
> AndroidAP 978da457-563b-4c59-a894-45eb0f74fcb7
> 802-11-wireless 1359063171 Thu 24 Jan 2013 09:32:51 PM UTC yes
> no /org/freedesktop/NetworkManager/Settings/2
> Wired connection 1 6703fabc-9519-49bd-a4af-45fbfb7d660e
> 802-3-ethernet 1359062570 Thu 24 Jan 2013 09:22:50 PM UTC yes
> no /org/freedesktop/NetworkManager/Settings/1
> eduroam 00f69a95-4a1b-436c-b462-a284f45fbaa1
> 802-11-wireless 1359063171 Thu 24 Jan...

Status changed to 'Confirmed' because the bug affects multiple users.

Also unable to connect, works well in any Ubuntu version except for 13.04.

Hi! i have same bug. The problem occurs only in 13.04.

I have the same problem.
Very bad.

My college, the b.i.b International College Bergisch Gladbach (www.bg.bib.de) is affected!

In 12.04 it worked perfectly!

If this bug does not get fixed, a whole industry is affected.

This bug has to be critical!

Sry, I just want to note that removing "system-ca-certs=true" from /etc/NetworkManager/system-connections solved the problem for me!

Remove the line that I marked (line 20) , to fix it

This is an example of my NetworkManager profile.

This file is saved under /etc/NetworkManager/system-connections/

with connecting to the wireless point at my college. (www.bg.bib.de)

So it seems the problem is system-ca-certs=true is being added despite Eduard cancelling the request for the cert.

I had no possibilty of testing these days. any progress, guys?
On Apr 9, 2013 11:30 AM, "Brendan Donegan" <email address hidden>
wrote:

> So it seems the problem is system-ca-certs=true is being added despite
> Eduard cancelling the request for the cert.
>
> ** Changed in: network-manager (Ubuntu)
> Importance: Undecided => High
>
> ** Changed in: network-manager (Ubuntu)
> Status: Confirmed => Triaged
>
> --
> You received this bug notification because you are subscribed to the bug
> report.
> https://bugs.launchpad.net/bugs/1104476
>
> Title:
> Network manager cannot connect to WPA2/PEAP/MSCHAPv2 network without
> CA_Certificate
>
> Status in “network-manager” package in Ubuntu:
> Triaged
>
> Bug description:
> I can connect to Eduroam in 12.10 and any other previous release, but
> not in 13.04. I checked, my name and password are correct, all
> settings are the same as in 12.10.
>
> Network properties:
>
> security: WPA - WPA2 enterprise
> authentication: protected EAP (PEAP)
> CA certificate: none
> PEAP version: automatic
> inner autentication: MSCHAPv2
> username: (required)
> password: (required)
>
> ProblemType: Bug
> DistroRelease: Ubuntu 13.04
> Package: network-manager 0.9.6.0+git201301021750.e78c3e8-0ubuntu3
> ProcVersionSignature: Ubuntu 3.8.0-1.5-generic 3.8.0-rc4
> Uname: Linux 3.8.0-1-generic i686
> ApportVersion: 2.8-0ubuntu2
> Architecture: i386
> CasperVersion: 1.330
> Date: Thu Jan 24 21:32:25 2013
> IfupdownConfig:
> # interfaces(5) file used by ifup(8) and ifdown(8)
> auto lo
> iface lo inet loopback
> IpRoute:
> default via 192.168.43.1 dev wlan0 proto static
> 169.254.0.0/16 dev wlan0 scope link metric 1000
> 192.168.43.0/24 dev wlan0 proto kernel scope link src
> 192.168.43.149 metric 9
> LiveMediaBuild: Ubuntu 13.04 "Raring Ringtail" - Alpha i386 (20130123)
> MarkForUpload: True
> NetworkManager.state:
> [main]
> NetworkingEnabled=true
> WirelessEnabled=true
> WWANEnabled=true
> WimaxEnabled=true
> ProcEnviron:
> PATH=(custom, no user)
> XDG_RUNTIME_DIR=<set>
> LANG=en_US.UTF-8
> SHELL=/bin/bash
> SourcePackage: network-manager
> UpgradeStatus: No upgrade log present (probably fresh install)
> nmcli-con:
> NAME UUID TYPE
> TIMESTAMP TIMESTAMP-REAL AUTOCONNECT
> READONLY DBUS-PATH
> AndroidAP 978da457-563b-4c59-a894-45eb0f74fcb7
> 802-11-wireless 1359063171 Thu 24 Jan 2013 09:32:51 PM UTC yes
> no /org/freedesktop/NetworkManager/Settings/2
> Wired connection 1 6703fabc-9519-49bd-a4af-45fbfb7d660e
> 802-3-ethernet 1359062570 Thu 24 Jan 2013 09:22:50 PM UTC yes
> no /org/freedesktop/NetworkManager/Settings/1
> eduroam 00f69a95-4a1b-436c-b462-a284f45fbaa1
> 802-11-wireless 1359063171 Thu 24 Jan 2013 09:32:51 PM UTC yes
> no /org/freedesktop/NetworkManager/Settings/0
> nmcli-dev:
> DEVICE TYPE STATE DBUS-PATH
> wlan0 802-11-wireless connected
> /org/f...

I can confirm that even though I choose ignore on the CA Cert dialog, the line "system-ca-certs=true" was added to system-connections. It works find after I set that to false.

Hey, my laptop can't even find eduroam or setup-wifi to even attempt connecting since upgrading to 13.04. How can I go about fixing this?

upgrading is not good. try to fire up a usb image and try if it it can
connect in the live mode. the problem is probably with the upgrade. but
first try to connect to a hidden network.
On Apr 17, 2013 5:45 AM, "Ryan Yates" <email address hidden> wrote:

> Hey, my laptop can't even find eduroam or setup-wifi to even attempt
> connecting since upgrading to 13.04. How can I go about fixing this?
>
> --
> You received this bug notification because you are subscribed to the bug
> report.
> https://bugs.launchpad.net/bugs/1104476
>
> Title:
> Network manager cannot connect to WPA2/PEAP/MSCHAPv2 network without
> CA_Certificate
>
> Status in “network-manager” package in Ubuntu:
> Triaged
>
> Bug description:
> I can connect to Eduroam in 12.10 and any other previous release, but
> not in 13.04. I checked, my name and password are correct, all
> settings are the same as in 12.10.
>
> Network properties:
>
> security: WPA - WPA2 enterprise
> authentication: protected EAP (PEAP)
> CA certificate: none
> PEAP version: automatic
> inner autentication: MSCHAPv2
> username: (required)
> password: (required)
>
> ProblemType: Bug
> DistroRelease: Ubuntu 13.04
> Package: network-manager 0.9.6.0+git201301021750.e78c3e8-0ubuntu3
> ProcVersionSignature: Ubuntu 3.8.0-1.5-generic 3.8.0-rc4
> Uname: Linux 3.8.0-1-generic i686
> ApportVersion: 2.8-0ubuntu2
> Architecture: i386
> CasperVersion: 1.330
> Date: Thu Jan 24 21:32:25 2013
> IfupdownConfig:
> # interfaces(5) file used by ifup(8) and ifdown(8)
> auto lo
> iface lo inet loopback
> IpRoute:
> default via 192.168.43.1 dev wlan0 proto static
> 169.254.0.0/16 dev wlan0 scope link metric 1000
> 192.168.43.0/24 dev wlan0 proto kernel scope link src
> 192.168.43.149 metric 9
> LiveMediaBuild: Ubuntu 13.04 "Raring Ringtail" - Alpha i386 (20130123)
> MarkForUpload: True
> NetworkManager.state:
> [main]
> NetworkingEnabled=true
> WirelessEnabled=true
> WWANEnabled=true
> WimaxEnabled=true
> ProcEnviron:
> PATH=(custom, no user)
> XDG_RUNTIME_DIR=<set>
> LANG=en_US.UTF-8
> SHELL=/bin/bash
> SourcePackage: network-manager
> UpgradeStatus: No upgrade log present (probably fresh install)
> nmcli-con:
> NAME UUID TYPE
> TIMESTAMP TIMESTAMP-REAL AUTOCONNECT
> READONLY DBUS-PATH
> AndroidAP 978da457-563b-4c59-a894-45eb0f74fcb7
> 802-11-wireless 1359063171 Thu 24 Jan 2013 09:32:51 PM UTC yes
> no /org/freedesktop/NetworkManager/Settings/2
> Wired connection 1 6703fabc-9519-49bd-a4af-45fbfb7d660e
> 802-3-ethernet 1359062570 Thu 24 Jan 2013 09:22:50 PM UTC yes
> no /org/freedesktop/NetworkManager/Settings/1
> eduroam 00f69a95-4a1b-436c-b462-a284f45fbaa1
> 802-11-wireless 1359063171 Thu 24 Jan 2013 09:32:51 PM UTC yes
> no /org/freedesktop/NetworkManager/Settings/0
> nmcli-dev:
> DEVICE TYPE STATE DBUS-PATH
> wlan0 802-11-wireless connected
> /org/freedesktop/NetworkManager/Dev...

Ryan: Just read the log on this page...

I am affected too.
Lets hope that on Monday its already fixed! :P

well i just tried 13.04 on a live-usb and this issue is still there:(
cannot connect to peap without CA, line "system-ca-certs=true" is stil added despite choosing no CA

I believe this may be a GNOME problem. When I try it under Kubuntu and KDE, I can connect fine; while in GNOME, I cannot connect to my university (University of Missouri) wifi network.

Confirming that this is a really serious issue.

PEAP connection, MSCHAPv2, no certificate but with a username & password, I *cannot* connect to the network. Previous versions of Ubuntu work fine. Indeed, my credentials on another machine running 12.10 work just fine.

I can confirm this issue on a Lenovo T510, PEAP, MSCHAPv2, no cert. Switching to LEAP seems to hold fine. Removing system-ca-certs=true did not stabilize my connection at all. I am able to get connected, but drops every few minutes and sometimes will not connect at all.

Hey Guys, this problem is quite serious!! Excitement in the morning after the upgrade on home wifi then complete dissapointment after 2hrs+ attempting to patch it :(
 Tried just about all that was posted here and was unsuccessful. eduroam and other enterprise wpa networks just don't work anymore. Please supply a quick fix...

Confirmed "system-ca-certs=true" is stil added despite choosing no CA and choosing ignore along with do not warn me again on the popup.

this is the 1. ubuntu release I didn't install right after it came out.
guess why.

and by the way the workarond by Eduard Gotwig from comment #19 sadly
doesn't work here either. the line is always re-added. please explain us
better how u did it cause more people have reported here that it doesn't
work.

Workaround of removing "system-ca-certs=true" only works temporarily. Next time NetworkManager touches the profile, the line reappears in the profile.

How i got it working:

1. Download the AddTrust External CA Root (Base64 format) available here: http://iss.leeds.ac.uk/helpdesk/eduroam-certificates
2. Double click it and import using Gnome2 Key Storage (require sudo privileges).
3. Go to Network connections (right click con the wi-fi logo on the top right of the screen) and Add a new connection.
4. Name the new connection "eduroam"and have the SSID also "eduroam"
5. Under Wi-fi security choose "WPA 2 enterprise", Authentication: "Proteacted EAP (PEAP)", CA Certificate browse the file you downladed on step 1.
6. Username have your COMPLETE email (include @schoolname.something).
7.include your password.
Save it.
Good luck

Same problem here. And 13.04 really is the first Ubuntu where this doesn't work. And sure it IS critical!
If this is not fixed, Ubuntu will prove useless for most education (students/profs) and business users. And the bug is still unassigned since January?! Come on!

I just can't believe that the swirl direction of the BFB icon was a more important bug than this one... In terms that it was promptly addressed, unlike this one.

I just wanted to say that comment #19 of removing "system-ca-certs=true" from /etc/NetworkManager/system-connections also worked for me. Actually, what I did was set the statement to false. When I re-started the connection, it worked on the next try.

I also did a sudo chmod -w NUwave after the first time it connected, so that should avoid the statement from reappearing since now the file is read-only. Given the connection name, I'm at Northeastern University, which uses WPA2/PEAP/MSCHAP as well.

From /var/log/syslog upon successful authentication:

May 2 13:21:52 wpa_supplicant[1434]: wlan0: CTRL-EVENT-EAP-STARTED EAP authentication started
May 2 13:21:52 wpa_supplicant[1434]: wlan0: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=25
May 2 13:21:52 wpa_supplicant[1434]: wlan0: CTRL-EVENT-EAP-METHOD EAP vendor 0 method 25 (PEAP) selected
May 2 13:21:52 wpa_supplicant[1434]: wlan0: CTRL-EVENT-EAP-PEER-CERT depth=0 subject='/C=US/ST=Massachusetts/L=Boston/O=Northeastern University/OU=IT/CN=wireless.neu.edu'
May 2 13:21:52 wpa_supplicant[1434]: last message repeated 2 times
May 2 13:21:52 Faraday wpa_supplicant[1434]: EAP-MSCHAPV2: Authentication succeeded

Before the statement was switched to false, syslog showed statements like:

May 2 13:02:59 wpa_supplicant[1483]: wlan0: CTRL-EVENT-EAP-STARTED EAP authentication started
May 2 13:02:59 wpa_supplicant[1483]: wlan0: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=25
May 2 13:02:59 wpa_supplicant[1483]: wlan0: CTRL-EVENT-EAP-METHOD EAP vendor 0 method 25 (PEAP) selected
May 2 13:02:59 wpa_supplicant[1483]: TLS: Certificate verification failed, error 20 (unable to get local issuer certificate) depth 0 for '/C=US/ST=Massachusetts/L=Boston/O=Northeastern University/OU=IT/CN=wireless.neu.edu'
May 2 13:02:59 wpa_supplicant[1483]: wlan0: CTRL-EVENT-EAP-TLS-CERT-ERROR reason=1 depth=0 subject='/C=US/ST=Massachusetts/L=Boston/O=Northeastern University/OU=IT/CN=wireless.neu.edu' err='unable to get local issuer certificate'
May 2 13:02:59 wpa_supplicant[1483]: SSL: SSL3 alert: write (local SSL3 detected an error):fatal:unknown CA
May 2 13:02:59 wpa_supplicant[1483]: OpenSSL: openssl_handshake - SSL_connect error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
May 2 13:02:59 wpa_supplicant[1483]: wlan0: CTRL-EVENT-EAP-FAILURE EAP authentication failed
May 2 13:03:00 wpa_supplicant[1483]: wlan0: CTRL-EVENT-DISCONNECTED bssid=00:24:6c:e7:7b:51 reason=6

Before I had tried this, I had attempted to use the certificate that Windows 7 associated with the same NUwave wireless connection, but I was still unsuccessful at authenticating even with that. The odd thing is that a few weeks back when I tested with an Ubuntu 13.04 Beta 2 USB stick it worked fine, but stopped working at some point, and I re-tested with the USB stick today and it still failed, so at that point I knew it wasn't anything package related and stumbled across this bug and solution which fixed it! :)

The workaround works for me, too. Even without making the file read-only. I connected at my faculty's library in the early afternoon today. But I still think this is a critical issue, that could turn people away from Ubuntu.

It's very interesting what vacalola said about the old unchanged live image working once, and then not... Yet, the fact remains that this works completely fine in both 12.04 and 12.10, and just in 13.04 not.

I give up... this has just got me switching to another Linux distro! Spent the whole week trying to rebuild my machine just cos of this issue... One year + of Ubuntu Love now to it's brother... Which I should state that wpa-enterprise works at time of writing that is!

Status changed to 'Confirmed' because the bug affects multiple users.

The bug is still there, and happens despite the network adaptor being used.