From owner-freebsd-net@FreeBSD.ORG Thu Jun 18 10:55:21 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 26AE3106564A for ; Thu, 18 Jun 2009 10:55:21 +0000 (UTC) (envelope-from onemda@gmail.com) Received: from mail-bw0-f227.google.com (mail-bw0-f227.google.com [209.85.218.227]) by mx1.freebsd.org (Postfix) with ESMTP id A5EAA8FC12 for ; Thu, 18 Jun 2009 10:55:20 +0000 (UTC) (envelope-from onemda@gmail.com) Received: by bwz27 with SMTP id 27so174772bwz.43 for ; Thu, 18 Jun 2009 03:55:19 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=P8PRq5Poar01UnWgJSvJlaNxZqd74nPXSIGY93URlng=; b=Szj20cdSIrhnVMom/3c1q1phsWHI5qQNHl3AONkwGJsD6q4HJ/U9nCqzUazOtfO1qx Yga+VUOuomOrZ+2fLF4G2yjVguKmshKEyLaDt8g5oCOGbj7iS3dGa9hsMcXKTjVdo/Jg YdJ08DOJIesR5E4Iyil7br/x41VD6Z1X229h8= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; b=a0Dj7YSUs5OcKGzvSPtFPBSIbwSD3lQHmnJ63JL89QwmFsIJ0UaPFp9ZMNznyBNL4L V0Ux/FMqKgE0PH+iuot+AQBRL9SoBJQZCvBwbSPS8fFRtcN+TxET0COFVLEHMUBd6OFc gJW+UN/7+aqRnn25Ia/vy+yTm2citPnB8VQAo= MIME-Version: 1.0 Received: by 10.204.119.71 with SMTP id y7mr1230692bkq.24.1245322519556; Thu, 18 Jun 2009 03:55:19 -0700 (PDT) In-Reply-To: <1245308384.28444.14.camel@daemon2.partygaming.local> References: <1245308384.28444.14.camel@daemon2.partygaming.local> Date: Thu, 18 Jun 2009 12:55:19 +0200 Message-ID: <3a142e750906180355lf9bb1a9vd7133e878e57eff@mail.gmail.com> From: "Paul B. Mahol" To: Vladimir Terziev Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org Subject: Re: hostapd with 802.1X EAP-TLS/TTLS support X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 18 Jun 2009 10:55:21 -0000 On 6/18/09, Vladimir Terziev wrote: > Hi, > > i try to setup wireless access point at home, based on FreeBSD > 7.2R-i386, ral(4) wireless card and hostpad(8). > > I want my wireless AP to support 802.1x EAP-TLS/TTLS authentication. I > issued a custom SSL certificate for the hostapd(8) and put the following > directives in hostapd.conf: > > eap_server=0 > ca_cert=/usr/local/etc/myCA.crt.pem > server_cert=/usr/local/etc/hostapd.server.crt.pem > private_key=/usr/local/etc/hostapd.server.key.pem > private_key_passwd=some_pass > > When i tried to start the hostapd(8) i got the following errors: > > Line 15: unknown configuration item 'eap_server' > Line 16: unknown configuration item 'ca_cert' > Line 17: unknown configuration item 'server_cert' > Line 18: unknown configuration item 'private_key' > Line 19: unknown configuration item 'private_key_passwd' > > Does the stock FreeBSD's hostapd(8) support 802.1X EAP-TLS/TTLS at all > and if "not" why ? 802.1X EAP-TLS/TTLS is not enabled by default on FreeBSD's hostapd(8). -- Paul