WPA2 Enterprise invalid parameters

inertia666 · September 2, 2021 at 1:42 PM

I am trying to get connected to my company network but no success using TLS and WPA2 Enterprise

I have the following settings file in .cache/connman/wifi_xx/settings

Code

[wifi_dca63207fe2d_53434e_managed_ieee8021x]
Type=wifi
Name=wifi_name
Security=ieee8021x
PrivateKeyFile=/storage/cert/mykey.pem
PrivateKeyPassphrase=xxxx
EAP=tls
Identity=email@email.com

I get only "invalid parameters" and cannot connect. I have tried tinkering with the file and various options but no success.

I have tried making a .config file in .cache/connman as suggested in another tutorial but it doesn't help.

Alternatively, I can connect with the same security settings to the ethernet but cannot get this to work either. We have two networks running through the same port. A public gateway that requires registration with login via a website and the company portal that connects with a certificate. My networking skills are not good enough to force a connection to the company portal, it always gets an IP from the public gateway. I need to use DHCP to connect.

inertia666 · September 3, 2021 at 6:51 AM

I tested the connection with Ubuntus gnome network manager and successfully connected to the wifi. Maybe someone can help me convert the generated nmconnection file to work with connman.

There is one thing I noticed using the gnome gui and that was it wouldn't allow me to progress entering a private key and private key password until I filled in the client-certificate field, which is not supposed to be needed. In this case, i just used the private-key pem file and it worked. Maybe this is isn't needed though and just a gui quirk.

Code

[connection]
id=SCN
uuid=e51eed4d-53a2-446b-bac9-0c11d7a29817
type=wifi
interface-name=wlp2s0
permissions=


[wifi]
mac-address-blacklist=
mode=infrastructure
ssid=ssid


[wifi-security]
auth-alg=open
key-mgmt=wpa-eap


[802-1x]
client-cert= privatekey.pem
eap=tls;
identity=email@email.com
private-key=/privatekey.pem
private-key-password=mypass


[ipv4]
dns-search=
method=auto


[ipv6]
addr-gen-mode=stable-privacy
dns-search=
method=auto


[proxy]

Display More

inertia666 · September 9, 2021 at 8:42 AM

I cannot succeed in getting WPA EAP working at all in Libreelec.

I have scanned the forums and tried to implement a custom version of wpasupplicant to get it working but then I just lost the network totally and cannot access the unit anyway.

**chewitt** · September 9, 2021 at 10:51 AM Official Post

My suggestion is to drop into the #connman IRC channel on OFTC (OFTC - Home has a webchat option) and ping "wagi" for help. He's loosely familiar with LE packaging and is the main developer lead for ConnMan. People around here have little/no experience with WPA-EAP so we're not going to be that helpful.

inertia666 · September 9, 2021 at 11:52 AM

Ok thanks.