On 02/10/2018 03:54 AM, 1351706412(a)qq.com wrote:
i see "man connman-service.config", and connect ieee802.1x tls
method type Wifi.
i really really try many many times to config the parser, but connmanctl
my "/usr/local/var/lib/connman/tls.config" as follows
Type = wifi
SSID = Roy
EAP = tls
CACertFile = /home/echo/work/user/tls/ca.pem
ClientCertFile = /home/echo/work/user/tls/client.p12
PrivateKeyFile = /home/echo/work/user/tls/client.key
Identity = user
PrivateKeyPassphraseType = fsid
So first thing to look out if you see something like this here:
connmand: Config file /var/lib/connman/wpa-eap-testing.config
does not contain any configuration that can be provisioned!
In this case the config file somehow invalid. I checked your
configuration by hand and it looks syntactical correct.
One thing which is not correct is 'SSID = Roy'. The SSID field
is expected to be the hex representation of the name. Try instead
'Name = Roy'. It took me a while to spot it :)
and now i have files named "ca.pem, client.pem, client.p12"
freeradius centos server,
i am not sure that the
"PrivateKeyFile = /home/user/.certs/client.fsid.pem,
PrivateKeyPassphraseType = fsid,
Identity = user" is right or not?
This depends on your certificates if I am not completely wrong
here. If the key needs to unlocked by a passphrase.
So in case you still have problems, we need to look at the
For example during my testing I got:
connmand: src/service.c:connect_service() service 0x205f6b0
connmand: src/service.c:__connman_service_connect() service 0x205f6b0 state idle
connect reason none -> user
connmand: src/service.c:__connman_service_clear_error() service 0x205f6b0
connmand: src/service.c:__connman_service_connect() service 0x205f6b0 err -22
connmand: src/network.c:__connman_network_disconnect() network 0x2058560
So the -22 maps to EINVAL. Looking a bit at the code it is clear what is
static int service_connect(struct connman_service *service)
ConnMan is not able to match the provisioning to the services.
So if you change your configuration file as described above
it should work (famous last words).
I just sent out a patch which adds a warning to log if we hit this