Active Topics
-
Nokia Booklet 3G (RX-75) Drivers (60)
to Alternatives by Maemish - 9 hrs, 59 mins ago -
Is there a section to talk about Java ME? Apps, etc. (7)
to General by teroyk - 3 days, 6 hrs ago - more...
|
2009-11-05
, 06:52
|
|
Posts: 133 |
Thanked: 23 times |
Joined on Oct 2009
|
#2
|
Hmmm, back on Windows Mobile you had to install certain certificates by hand in form of a Cab file - this is probably something similar, but I'm afraid I have no idea how to do that (or where to get the certificates needed) on Linux/Maemo5... So the best I can do is give your thread a bump 
-edit- Found something: In another thread someone posted a link to this page, where you can download some certificates for importing into the certificate manager (.der format).
Maybe the certificate you need is on there somewhere?
Last edited by bemymonkey; 2009-11-05 at 06:59.
-edit- Found something: In another thread someone posted a link to this page, where you can download some certificates for importing into the certificate manager (.der format).
Maybe the certificate you need is on there somewhere?
Last edited by bemymonkey; 2009-11-05 at 06:59.
 |
|
2009-11-05
, 09:07
|
|
Posts: 94 |
Thanked: 209 times |
Joined on Oct 2009
@ Germany
|
#3
|
Maybe you need to set your certificate to be trusted for use with wlan first, like it is described here in the first five steps: http://www.oucs.ox.ac.uk/network/wir...oam/nokia_810/.
Perhaps after that it will show up in the wlan wpa settings.
Perhaps after that it will show up in the wlan wpa settings.
|
|
2009-11-05
, 16:36
|
|
Posts: 43 |
Thanked: 13 times |
Joined on Oct 2009
|
#4
|
bemymonkey, the cert is already installed on the device. It shows up in the cert manager.
@Marshall: that sounds more likely. The Certificate Manager on the n900 is complete misnomer though, its just lists certs, no management going on. So there's no trust button or option.
@Marshall: that sounds more likely. The Certificate Manager on the n900 is complete misnomer though, its just lists certs, no management going on. So there's no trust button or option.
|
|
2009-11-05
, 17:28
|
|
Posts: 43 |
Thanked: 13 times |
Joined on Oct 2009
|
#5
|
So I did a bit of digging and found out that you can select the 'purpose' of a certificate when you add it. So I scp'ed the cert from my computer (couldn't find where it was on the device) and selected it from the file manager, and said it was for WiFi. Its now listed in the cert manager with a "WiFi" tag randomly on the right side (none of the pre-installed certs have any purpose annotation). It doesn't seem to mind that the same cert is installed twice.
So hopefully it works now. I'm not at university so I can't test, next time I go there I'll see. And then probably add a feature request to be able to modify the purpose of existing certs.
I hope this post is useful for future googlers. I'm guessing this 'purpose' feature has some sort of reason for existing, but search me...
So hopefully it works now. I'm not at university so I can't test, next time I go there I'll see. And then probably add a feature request to be able to modify the purpose of existing certs.
I hope this post is useful for future googlers. I'm guessing this 'purpose' feature has some sort of reason for existing, but search me...
| The Following User Says Thank You to eean For This Useful Post: | ||
|
|
2009-11-08
, 22:56
|
|
Posts: 43 |
Thanked: 13 times |
Joined on Oct 2009
|
#6
|
ok fail. I'm at uiowa's main library using my cellular connection as it *still* doesn't show any available certificates.
I'!l file a bug shortly, I've done my best to rule out PEBKAC.
I'!l file a bug shortly, I've done my best to rule out PEBKAC.
 |
|
2009-11-08
, 23:20
|
|
Posts: 3,397 |
Thanked: 1,212 times |
Joined on Jul 2008
@ Netherlands
|
#7
|
Remove the first cert. It is probably matching before the second is reached. May constitute a bug.
Also, what protocols are you using?
WPA (TKIP) or WPA2 (AES/CCMP)?
Which method of EAP?
You can find such out by looking at an existing working configuration. Chances are also such is described on website of your university, complete with howto for certain clients.
If you have it currently working on e.g. Ubuntu you can use your current wpa_supplicant.conf as template. I suggest you look at your current /etc/wpa_supplicant.conf on N900, and see if it is set up correct. There are some useful wpa_supplicant howtos to be found with aid from Google, but you need to be sure you know which protocols you're gonna use.
EDIT: Answer to question is: WPA2 Enterprise, EAP-PEAPv0/MS-CHAP-v2. This is supported by wpa_supplicant. I also saw an autoconfig site for your university.
Your wpa_supplicant config should look like this:
ctrl_interface=/var/run/wpa_supplicant
ctrl_interface_group=wheel
network={
ssid="example"
scan_ssid=1
key_mgmt=WPA-EAP
eap=PEAP
identity="user@example.com"
password="foobar"
ca_cert="/etc/cert/ca.pem"
phase1="peaplabel=0"
phase2="auth=MSCHAPV2"
}
(Taken from manual page)[/EDIT]
Last edited by allnameswereout; 2009-11-08 at 23:32.
Also, what protocols are you using?
WPA (TKIP) or WPA2 (AES/CCMP)?
Which method of EAP?
You can find such out by looking at an existing working configuration. Chances are also such is described on website of your university, complete with howto for certain clients.
If you have it currently working on e.g. Ubuntu you can use your current wpa_supplicant.conf as template. I suggest you look at your current /etc/wpa_supplicant.conf on N900, and see if it is set up correct. There are some useful wpa_supplicant howtos to be found with aid from Google, but you need to be sure you know which protocols you're gonna use.
EDIT: Answer to question is: WPA2 Enterprise, EAP-PEAPv0/MS-CHAP-v2. This is supported by wpa_supplicant. I also saw an autoconfig site for your university.
Your wpa_supplicant config should look like this:
ctrl_interface=/var/run/wpa_supplicant
ctrl_interface_group=wheel
network={
ssid="example"
scan_ssid=1
key_mgmt=WPA-EAP
eap=PEAP
identity="user@example.com"
password="foobar"
ca_cert="/etc/cert/ca.pem"
phase1="peaplabel=0"
phase2="auth=MSCHAPV2"
}
(Taken from manual page)[/EDIT]
__________________
Goosfraba! All text written by allnameswereout is public domain unless stated otherwise. Thank you for sharing your output!
Goosfraba! All text written by allnameswereout is public domain unless stated otherwise. Thank you for sharing your output!
Last edited by allnameswereout; 2009-11-08 at 23:32.
|
|
2009-11-09
, 02:15
|
|
Posts: 3,397 |
Thanked: 1,212 times |
Joined on Jul 2008
@ Netherlands
|
#8
|
http://packages.ubuntu.com/karmic/ca-certificates
Should install them in /usr/share/ca-certificates/*
Or manually. You did this?
And then import that key using the GUI. But without it being imported you can use the GUI to select the file instead or not? I'd also still delete the first entry!
Should install them in /usr/share/ca-certificates/*
Or manually. You did this?
The authentication server used by The University of Iowa wireless networks uses Thawte as its root certificate authority (CA). Therefore, your laptop must have a valid Thawte root certificate in Privacy-Enhanced Mail (PEM) format. In Ubuntu 9.10, the package ca-certificates is part of the default install. If it is not installed on your system, run "sudo apt-get install ca-certificates" in a terminal window.
If you do not want to install the ca-certificates package and you only want the necessary certficate, you can download all Thawte certificates on your laptop from Thawte. After you download the zip file, thawte-roots.zip, you need to extract "Thawte Server Roots/ThawtePremiumServerCA_b64.txt" Once that file is extracted, rename it to ThawtePremiumServerCA.pem.
__________________
Goosfraba! All text written by allnameswereout is public domain unless stated otherwise. Thank you for sharing your output!
Goosfraba! All text written by allnameswereout is public domain unless stated otherwise. Thank you for sharing your output!
|
|
2009-11-09
, 21:21
|
|
Posts: 43 |
Thanked: 13 times |
Joined on Oct 2009
|
#9
|
http://packages.ubuntu.com/karmic/ca-certificates
Should install them in /usr/share/ca-certificates/*
Or manually. You did this?
I suggest you look at your current /etc/wpa_supplicant.conf on N900, and see if it is set up correct.
...which I've just created here:
https://bugs.maemo.org/show_bug.cgi?id=6101
|
|
2009-12-07
, 14:49
|
|
Posts: 21 |
Thanked: 6 times |
Joined on Nov 2009
@ Kingston-Upon-Hul, UK / Le Mans, FR
|
#10
|
Any progress ?
Basically trying to follow these directions:
http://www.divms.uiowa.edu/help/wireless/ubuntu910.html
which worked for the n810.
I have to specify a specific cert. (Who designed WPA this way? how have web browsers figured out which cert to use for ages, but wpa can't?)
In the n900 cert manager its listed. But the wireless dialog simply says "none" and it doesn't list any available certificates.
Last edited by eean; 2009-11-05 at 17:30.