01-26-2012, 03:24 PM | #61 |
(offline)
Posts: 2,907
Karma: 6736092
Join Date: Dec 2011
Device: K3, K4, K5, KPW, KPW2
|
Can you attach the certificate here?
Don't worry, this is not confidential information, it's a public certificate after all. |
01-26-2012, 04:04 PM | #62 | |
hub
Posts: 715
Karma: 2151032
Join Date: Jan 2012
Location: Iranian in Canada
Device: K3G, DXG, Kobo mini
|
Quote:
Code:
-----BEGIN CERTIFICATE-----MIIEkjCCA3qgAwIBAgIJAMRtKfwtmk4BMA0GCSqGSIb3DQEBBQUAMIGMMQswCQYDVQQGEwJDQTEUMBIGA1UECBMLTm92YSBTY290aWExEDAOBgNVBAcTB0hhbGlmYXgxHTAbBgNVBAoTFERhbGhvdXNpZSBVbml2ZXJzaXR5MRkwFwYJKoZIhvcNAQkBFgpub2NAZGFsLmNhMRswGQYDVQQDExJEYWxob3VzaWUgV2lyZWxlc3MwHhcNMTAwNDIwMTkyNDU2WhcNMzAwNDE1MTkyNDU2WjCBjDELMAkGA1UEBhMCQ0ExFDASBgNVBAgTC05vdmEgU2NvdGlhMRAwDgYDVQQHEwdIYWxpZmF4MR0wGwYDVQQKExREYWxob3VzaWUgVW5pdmVyc2l0eTEZMBcGCSqGSIb3DQEJARYKbm9jQGRhbC5jYTEbMBkGA1UEAxMSRGFsaG91c2llIFdpcmVsZXNzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0E6rgv8JkKHMqhd367iW1tam4x9d+ol3LEqYg3BZ8zYtM9E0vLGDsUoYBpU1+7DlOl+oGJLXeWgBphBqekJ+rPzELqLobtpcj6GZlywOVCe5joali7mlU9Pbu/K5gjieJYJgKLNhX1C0L+81ipwlFPoBJXLQFUutjNLpkVrHZn//YwRr0LKP9Wii+qHerkuMoZqGsCChO8flm0v7Ozpr6L6QV+nP/GQppq01B+5Ik7owSG5XuTxo6xmdsho+2E8j3QjYrP4V8/lX6Lm0E7GWmmH0FzHIbeE409tdU30oX/n94/E6/Z2f6eEl5CEqjIMK5w1eRjVGeiAk+J2UDa0yUwIDAQABo4H0MIHxMB0GA1UdDgQWBBTo7N3VchFP4UAYawsuYfDuS9HeiTCBwQYDVR0jBIG5MIG2gBTo7N3VchFP4UAYawsuYfDuS9! HeiaGBkqSBjzCBjDELMAkGA1UEBhMCQ0ExFDASBgNVBAgTC05vdmEgU2NvdGlhMRAwDgYDVQQHEwdIYWxpZmF4MR0wGwYDVQQKExREYWxob3VzaWUgVW5pdmVyc2l0eTEZMBcGCSqGSIb3DQEJARYKbm9jQGRhbC5jYTEbMBkGA1UEAxMSRGFsaG91c2llIFdpcmVsZXNzggkAxG0p/C2aTgEwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAIu4hGQEIOdNrGFLIGXlKT/R3QmVw3eZJKrdq5K9d8OWqY7cUOla1dopMhbNftySDZSyGgQ2CxxEWJkcBlh4PbmYExlT/maUsZkFkkBClB5T9iRCcjzv9KonZCAYSpYW2sRaV9Gx4GDMMiZOsxRCQuzjaXs3y99HmNcykR0rCfIVCQtQZyq6KRzt64HdO4Z1cXm8GIvhAaImWbIbmhxwgXxuQuJHa9S/HTHwk1wroe6US+P+/LEvmVBArLIWtikfEkz6pLXa7TM0JLiFOqsVs7La8eY1fxq6diM0XVvN/k5SuBOz4KneMpCBJ7EML4aTkLroYp6i+YSaaPp5OU53Y4Q==-----END CERTIFICATE----- Last edited by thatworkshop; 01-26-2012 at 04:38 PM. |
|
Advert | |
|
01-26-2012, 04:24 PM | #63 |
(offline)
Posts: 2,907
Karma: 6736092
Join Date: Dec 2011
Device: K3, K4, K5, KPW, KPW2
|
Take this:
Code:
-----BEGIN CERTIFICATE----- MIIEkjCCA3qgAwIBAgIJAMRtKfwtmk4BMA0GCSqGSIb3DQEBBQUAMIGMMQswCQYD VQQGEwJDQTEUMBIGA1UECBMLTm92YSBTY290aWExEDAOBgNVBAcTB0hhbGlmYXgx HTAbBgNVBAoTFERhbGhvdXNpZSBVbml2ZXJzaXR5MRkwFwYJKoZIhvcNAQkBFgpu b2NAZGFsLmNhMRswGQYDVQQDExJEYWxob3VzaWUgV2lyZWxlc3MwHhcNMTAwNDIw MTkyNDU2WhcNMzAwNDE1MTkyNDU2WjCBjDELMAkGA1UEBhMCQ0ExFDASBgNVBAgT C05vdmEgU2NvdGlhMRAwDgYDVQQHEwdIYWxpZmF4MR0wGwYDVQQKExREYWxob3Vz aWUgVW5pdmVyc2l0eTEZMBcGCSqGSIb3DQEJARYKbm9jQGRhbC5jYTEbMBkGA1UE AxMSRGFsaG91c2llIFdpcmVsZXNzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB CgKCAQEA0E6rgv8JkKHMqhd367iW1tam4x9d+ol3LEqYg3BZ8zYtM9E0vLGDsUoY BpU1+7DlOl+oGJLXeWgBphBqekJ+rPzELqLobtpcj6GZlywOVCe5joali7mlU9Pb u/K5gjieJYJgKLNhX1C0L+81ipwlFPoBJXLQFUutjNLpkVrHZn//YwRr0LKP9Wii +qHerkuMoZqGsCChO8flm0v7Ozpr6L6QV+nP/GQppq01B+5Ik7owSG5XuTxo6xmd sho+2E8j3QjYrP4V8/lX6Lm0E7GWmmH0FzHIbeE409tdU30oX/n94/E6/Z2f6eEl 5CEqjIMK5w1eRjVGeiAk+J2UDa0yUwIDAQABo4H0MIHxMB0GA1UdDgQWBBTo7N3V chFP4UAYawsuYfDuS9HeiTCBwQYDVR0jBIG5MIG2gBTo7N3VchFP4UAYawsuYfDu S9HeiaGBkqSBjzCBjDELMAkGA1UEBhMCQ0ExFDASBgNVBAgTC05vdmEgU2NvdGlh MRAwDgYDVQQHEwdIYWxpZmF4MR0wGwYDVQQKExREYWxob3VzaWUgVW5pdmVyc2l0 eTEZMBcGCSqGSIb3DQEJARYKbm9jQGRhbC5jYTEbMBkGA1UEAxMSRGFsaG91c2ll IFdpcmVsZXNzggkAxG0p/C2aTgEwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUF AAOCAQEAIu4hGQEIOdNrGFLIGXlKT/R3QmVw3eZJKrdq5K9d8OWqY7cUOla1dopM hbNftySDZSyGgQ2CxxEWJkcBlh4PbmYExlT/maUsZkFkkBClB5T9iRCcjzv9KonZ CAYSpYW2sRaV9Gx4GDMMiZOsxRCQuzjaXs3y99HmNcykR0rCfIVCQtQZyq6KRzt6 4HdO4Z1cXm8GIvhAaImWbIbmhxwgXxuQuJHa9S/HTHwk1wroe6US+P+/LEvmVBAr LIWtikfEkz6pLXa7TM0JLiFOqsVs7La8eY1fxq6diM0XVvN/k5SuBOz4KneMpCBJ 7EML4aTkLroYp6i+YSaaPp5OU53Y4Q== -----END CERTIFICATE----- Good luck! |
01-26-2012, 04:34 PM | #64 | |
hub
Posts: 715
Karma: 2151032
Join Date: Jan 2012
Location: Iranian in Canada
Device: K3G, DXG, Kobo mini
|
Quote:
Code:
unable to load certificate 18294:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:650:Expecting: TRUSTED CERTIFICATE date: invalid date '-00- ' sh: 1327613470: unknown operand wpa_cli v0.6.10 Copyright (c) 2004-2009, Jouni Malinen <j@w1.fi> and contributors This program is free software. You can distribute it and/or modify it under the terms of the GNU General Public License version 2. Alternatively, this software may be distributed under the terms of the BSD license. See README and COPYING for more details. Selected interface 'wlan0' Interactive mode > OK > OK > OK > OK > OK > OK > OK > OK > OK > OK > OK > OK <2>Trying to associate with SSID 'MY_SSID_HERE' > Even running 'openssl x509 -in ca.pem' to verify the validity of cert gave previous error! Last edited by thatworkshop; 01-26-2012 at 04:39 PM. |
|
01-26-2012, 04:48 PM | #65 |
(offline)
Posts: 2,907
Karma: 6736092
Join Date: Dec 2011
Device: K3, K4, K5, KPW, KPW2
|
... then you must be doing something wrong
Code:
openssl x509 -in ca.pem -noout -text Certificate: Data: Version: 3 (0x2) Serial Number: c4:6d:29:fc:2d:9a:4e:01 Signature Algorithm: sha1WithRSAEncryption Issuer: C=CA, ST=Nova Scotia, L=Halifax, O=Dalhousie University/emailAddress=noc@dal.ca, CN=Dalhousie Wireless Validity Not Before: Apr 20 19:24:56 2010 GMT Not After : Apr 15 19:24:56 2030 GMT Subject: C=CA, ST=Nova Scotia, L=Halifax, O=Dalhousie University/emailAddress=noc@dal.ca, CN=Dalhousie Wireless Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public Key: (2048 bit) Modulus (2048 bit): 00:d0:4e:ab:82:ff:09:90:a1:cc:aa:17:77:eb:b8: 96:d6:d6:a6:e3:1f:5d:fa:89:77:2c:4a:98:83:70: 59:f3:36:2d:33:d1:34:bc:b1:83:b1:4a:18:06:95: 35:fb:b0:e5:3a:5f:a8:18:92:d7:79:68:01:a6:10: 6a:7a:42:7e:ac:fc:c4:2e:a2:e8:6e:da:5c:8f:a1: 99:97:2c:0e:54:27:b9:8e:86:a5:8b:b9:a5:53:d3: db:bb:f2:b9:82:38:9e:25:82:60:28:b3:61:5f:50: b4:2f:ef:35:8a:9c:25:14:fa:01:25:72:d0:15:4b: ad:8c:d2:e9:91:5a:c7:66:7f:ff:63:04:6b:d0:b2: 8f:f5:68:a2:fa:a1:de:ae:4b:8c:a1:9a:86:b0:20: a1:3b:c7:e5:9b:4b:fb:3b:3a:6b:e8:be:90:57:e9: cf:fc:64:29:a6:ad:35:07:ee:48:93:ba:30:48:6e: 57:b9:3c:68:eb:19:9d:b2:1a:3e:d8:4f:23:dd:08: d8:ac:fe:15:f3:f9:57:e8:b9:b4:13:b1:96:9a:61: f4:17:31:c8:6d:e1:38:d3:db:5d:53:7d:28:5f:f9: fd:e3:f1:3a:fd:9d:9f:e9:e1:25:e4:21:2a:8c:83: 0a:e7:0d:5e:46:35:46:7a:20:24:f8:9d:94:0d:ad: 32:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:EC:DD:D5:72:11:4F:E1:40:18:6B:0B:2E:61:F0:EE:4B:D1:DE:89 X509v3 Authority Key Identifier: keyid:E8:EC:DD:D5:72:11:4F:E1:40:18:6B:0B:2E:61:F0:EE:4B:D1:DE:89 DirName:/C=CA/ST=Nova Scotia/L=Halifax/O=Dalhousie University/emailAddress=noc@dal.ca/CN=Dalhousie Wireless serial:C4:6D:29:FC:2D:9A:4E:01 X509v3 Basic Constraints: CA:TRUE Signature Algorithm: sha1WithRSAEncryption 22:ee:21:19:01:08:39:d3:6b:18:52:c8:19:79:4a:4f:f4:77: 42:65:70:dd:e6:49:2a:b7:6a:e4:af:5d:f0:e5:aa:63:b7:14: 3a:56:b5:76:8a:4c:85:b3:5f:b7:24:83:65:2c:86:81:0d:82: c7:11:16:26:47:01:96:1e:0f:6e:66:04:c6:54:ff:99:a5:2c: 66:41:64:90:10:a5:07:94:fd:89:10:9c:8f:3b:fd:2a:89:d9: 08:06:12:a5:85:b6:b1:16:95:f4:6c:78:18:33:0c:89:93:ac: c5:10:90:bb:38:da:5e:cd:f2:f7:d1:e6:35:cc:a4:47:4a:c2: 7c:85:42:42:d4:19:ca:ae:8a:47:3b:7a:e0:77:4e:e1:9d:5c: 5e:6f:06:22:f8:40:68:89:96:6c:86:e6:87:1c:20:5f:1b:90: b8:91:da:f5:2f:c7:4c:7c:24:d7:0a:e8:7b:a5:12:f8:ff:bf: 2c:4b:e6:54:10:2b:2c:85:ad:8a:47:c4:93:3e:a9:2d:76:bb: 4c:cd:09:2e:21:4e:aa:c5:6c:ec:b6:bc:79:8d:5f:c6:ae:9d: 88:cd:17:56:f3:7f:93:94:ae:04:ec:f8:2a:77:8c:a4:20:49: ec:43:0b:e1:a4:e4:2e:ba:18:a7:a8:be:61:26:9a:3e:9e:4e: 53:9d:d8:e1 |
Advert | |
|
01-26-2012, 05:05 PM | #66 | |
hub
Posts: 715
Karma: 2151032
Join Date: Jan 2012
Location: Iranian in Canada
Device: K3G, DXG, Kobo mini
|
Quote:
So I turn on Wireless, connect Kindle to PC, run your script and it says everything ok! Then I open up browser, it still shows 3G (no sign of mentioning Wi-Fi) and the same nag screen that Kindle can't connect to WPA Enterprise?! Should I restart Kindle maybe for changes to take effect? Also, I wish I was the lucky person receiving your K3 to do some hacks just kidding But anyways, I'm in love with this forum! Last edited by thatworkshop; 01-26-2012 at 05:10 PM. |
|
01-26-2012, 05:14 PM | #67 |
(offline)
Posts: 2,907
Karma: 6736092
Join Date: Dec 2011
Device: K3, K4, K5, KPW, KPW2
|
You're welcome
As said, you sometimes need to try multiple times, turning off and on Wifi in between. WPA-EAP is a royal bitch to get working correctly, and I was lucky enough to have an OpenWRT AP where I could run radius in debug mode, to see what went wrong. Try playing around with wpa_cli, and making absolutely sure you're using the correct parameters for your network. Other than that, I'm afraid I can't really say much more, sorry. |
01-26-2012, 07:03 PM | #68 |
Wizard
Posts: 1,379
Karma: 2155307
Join Date: Nov 2010
Location: Goettingen, Germany
Device: Kindle Paperwhite, Kobo Mini
|
I think in order to work correctly, the right hints are in this posting: https://www.mobileread.com/forums/sho...9&postcount=27
(but I'm not sure, because, again, this was meant for Kindle 3). Basically, for Kindle 3 you had to convince the UI that it connected to the Wifi network itself. So in a first step, you make the SSID known to the framework by connecting to a temporarily set up infrastructure network with the SSID you plan to connect later via WPA-EAP, but in the temporary case with unprotected standard Wifi. Afterwards, you make the Kindle try and connect to the real network and start the setup script right afterwards. The framework will then think it configured the Wifi itself and will care for doing DHCP and allowing to actually use the Wifi link. |
01-26-2012, 08:20 PM | #69 |
(offline)
Posts: 2,907
Karma: 6736092
Join Date: Dec 2011
Device: K3, K4, K5, KPW, KPW2
|
On KT, this does not seem to be needed. I just tried it again -- simply running the script is enough. (Again, it may not work on the very first attempt for some reason. Turning Wifi off+on, and running the script again, works 100% for me).
PS: Don't use the built-in dialog to try to connect to the network. Simply run the script and do nothing else. If it worked, Wifi should show up after a few seconds. You might want to keep the dialog with the Wifi networks open while testing though -- if it worked, your WPA-EAP network will be shown as connected (with the checkmark). Last edited by ixtab; 01-26-2012 at 08:37 PM. |
01-27-2012, 12:13 AM | #70 |
Carpe diem, c'est la vie.
Posts: 6,433
Karma: 10773668
Join Date: Nov 2011
Location: Multiverse 6627A
Device: K1 to PW3
|
When you did copy/paste from the web page, did you save it with linux end of line (LF only)? If you save it with any CR (0x0D) in it, that might cause problems (typical of small versions of programs such as busybox).
|
01-27-2012, 06:08 AM | #71 |
Wizard
Posts: 1,379
Karma: 2155307
Join Date: Nov 2010
Location: Goettingen, Germany
Device: Kindle Paperwhite, Kobo Mini
|
ixtab: So getting IP address and routing information (i.e. doing DHCP) is done automatically when the interface goes up? Or did you extend your script to also issue a call to a DHCP client?
|
01-27-2012, 07:02 AM | #72 |
(offline)
Posts: 2,907
Karma: 6736092
Join Date: Dec 2011
Device: K3, K4, K5, KPW, KPW2
|
Yes, it seems to be done automatically. I poked around sometime ago, but can't remember where exactly the logic is. In any case, it's as you said: the device detects that the interface is connected, and then starts DHCP etc. by itself. It even synchronizes the time via ntp
|
02-01-2013, 07:44 AM | #73 |
Member
Posts: 10
Karma: 23630
Join Date: Jan 2013
Device: Kindle 3
|
Hey!
Sorry for digging out the topic I've tried this today and it worked... but only once. I could browse websites. But then i left my university (cant remember if I had turned Wifi off or not before leaving). Turning the wifi off and on doesnt work. Restarting doesnt help. Running the script in the terminal also. When I type wpa_cli list_networks I can see the output 0 eduroam any [CURRENT] However, I'm not connected. When i type wpa_cli, and then quit, I get some piece of info, like that: CTRL-EVENT-DISCONNECTED [...] reason=DISC_SCAN or DISC_REQUESTED When i type wpa_cli status it says Supplicant PAE state = AUTHENTICATING Typing udhcpc -i wlan0 Sending discover... Sending discover... Sending discover... Do you have any ideas? I must say its highly inconvinient to change my home BSSID. I did it once and I dont want to do this more often. If eduroam is on my list_networks list, why it doesnt connect automaticaly? Is there a way to connect skipping GUI? Maybe I should dbus-send a message that im connected Last edited by ubuntuser; 02-01-2013 at 12:02 PM. |
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
I'm assuming Kindle 3 will work with WPA encryption? | AFK_Matrix | Amazon Kindle | 12 | 06-18-2012 12:42 PM |
Copy and Paste Wifi WPA key | mavhc | Kindle Developer's Corner | 0 | 09-20-2010 05:30 PM |
OMG!!! My WPA wireless connection is actually working | Maike13 | iRex | 0 | 12-27-2009 12:46 AM |
WPA fix | thetechnobear | iRex | 53 | 11-24-2008 09:44 AM |
WPA/Tkip not working | DeGodefroi | iRex | 6 | 06-14-2007 04:43 AM |