Comment 160 for bug 1104476
Revision history for this message
| BC (bc2000) wrote Re: Network manager cannot connect to WPA2/PEAP/MSCHAPv2 network without CA_Certificate | #160 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
0f7b58d
(Get the code!)
I manage WiFi services for a University, including Eduroam. I just want to point out that this "issue" is not isolated self-signed certificate, but any certificate not signed directly by any of the 'pre-trusted' root/intermediate CAs. I wasn't actually aware that you are even 'allowed' to participate with Eduroam with a self-signed certificate?!?
I assume setting system-ca-certs to false the tells NetworkManager not to try and validate the certificate?? If that is the case, this would seem to be expected behaviour, rather than a bug, and may introduce a security risk (someone can potentially set up a bogus SSID with 'your' SSID name, using any certificate and then grab your credentials)
If you are joining a WiFi network with a self-signed certificate, you should be able to add the certificate itself to your trusted certificates. For networks with third-party signed certificates (Thawte, VeriSign etc) you should add the CA certificates (root, intermediate etc) to your list of trusted CAs.