MobileRead Forums - View Single Post

ixtab · 01-26-2012, 06:30 AM

Yes, you need to get the certificate file of the CA which signed the certificate that the access point is using. The entire point of WPA-EAP is to make use of a PKI infrastructure, so you're definitely not getting anywhere without that ca.pem.(*)

If it's a campus network, there usually is some information around on how to access it. That almost certainly includes the required certs, and possibly other hints concerning exactly which WPA settings you should use.

(*) Yes, I know that MacOS and Ubuntu will let you access it while only giving a warning about not trusting the AP. The Kindle is more picky and *requires* the cert. This is also the reason why I have these date checks in the script -- my device sometimes just resets back the time to somewhere in 2008, and consequently the cert is deemed not valid yet and the connection refused.

01-26-2012, 06:30 AM	#58
ixtab (offline) Posts: 2,907 Karma: 6736094 Join Date: Dec 2011 Device: K3, K4, K5, KPW, KPW2	Yes, you need to get the certificate file of the CA which signed the certificate that the access point is using. The entire point of WPA-EAP is to make use of a PKI infrastructure, so you're definitely not getting anywhere without that ca.pem.() If it's a campus network, there usually is some information around on how to access it. That almost certainly includes the required certs, and possibly other hints concerning exactly which WPA settings you should use. () Yes, I know that MacOS and Ubuntu will let you access it while only giving a warning about not trusting the AP. The Kindle is more picky and requires the cert. This is also the reason why I have these date checks in the script -- my device sometimes just resets back the time to somewhere in 2008, and consequently the cert is deemed not valid yet and the connection refused.