Discussion:
WPA_SUPPLICANT: How to give the path of certificates in Windows Mobile
Vijay Swami
2010-08-26 11:13:56 UTC
Permalink
Hi All,
I am facing one stupid problem. I have ported the WPA_SUPPLICANT on
Windows Mobile. I am using HTC Touch Pro for testing. I have installed the
test certificates on device. I can see installed certificates in
Settings->All Settings->System->Certificates->Root. I am not able to give
the proper path of that certificates in the code For that i am
getting following error:

EAP: Initialize selected EAP method: vendor 0 method 13 (TLS)
TLS: using phase1 config options
OpenSSL: __func__ not defined - SSL_use_certificate_file (DER) failed
error:02001002:system library:fopen:No such file or directory
OpenSSL: pending error: error:20074002:BIO routines:FILE_CTRL:system lib
OpenSSL: pending error: error:140C8002:SSL
routines:SSL_use_certificate_file:system lib
OpenSSL: __func__ not defined - SSL_use_certificate_file (PEM) failed
error:02001002:system library:fopen:No such file or directory
OpenSSL: pending error: error:20074002:BIO routines:FILE_CTRL:system lib
OpenSSL: pending error: error:140C8002:SSL
routines:SSL_use_certificate_file:system lib
TLS: Failed to set TLS connection parameters
EAP-TLS: Failed to initialize SSL.
EAP: Failed to initialize EAP method: vendor 0 method 13 (TLS)

I tried to give absoulute,relative path. But it did not work. Say i have the
certificate xyz. Which i can see in the above mentioned path. Can anybody
guide me for this. I am stuck up on this problem for more than a week. It
will be great if somebody guide me for this. Please give me some example how
it can be given.


Regards,
Vijay swami
Jouni Malinen
2010-08-26 12:27:42 UTC
Permalink
Post by Vijay Swami
I am facing one stupid problem. I have ported the WPA_SUPPLICANT on
Windows Mobile. I am using HTC Touch Pro for testing. I have installed the
test certificates on device. I can see installed certificates in
Settings->All Settings->System->Certificates->Root. I am not able to give
the proper path of that certificates in the code For that i am
OpenSSL: __func__ not defined - SSL_use_certificate_file (DER) failed
error:02001002:system library:fopen:No such file or directory
What path did you use with the certificate? Is the certificate in the
certificate store instead of a file in the file system? Currently,
wpa_supplicant supports Windows certificate store for loading CA
certificates. In other words, you can set ca_cert parameter to
"cert_store://CA" or "cert_store://ROOT" (etc.) based on where you have
the CA certificate(s). As far as client certificate and private key are
concerned, you can use cert:// or hash:// prefixes in private_key (note:
client_cert is left out from configuration). Take a look at
wpa_supplicant.conf for more information on how to select which
certificate/private key is used.
--
Jouni Malinen PGP id EFC895FA
Vijay Swami
2010-08-26 13:57:59 UTC
Permalink
Hi,
Thanks for your reply..
I am giving the path in this format
"client_cert=\"\\Certificates\\newclientcert.p12\"\n".
I have created one folder "Certificates" inside File explorer and i have
dumped the 1) newcacert.cer 2) newclientcert.p12 and installed the same on
the device. I could see from logs that newcacert.cer is getting loaded
properly.
TLS: using phase1 config options
OpenSSL: __func__ not defined - Failed to load root certificates
error:00000000:lib(0):func(0):reason(0)
OpenSSL: __func__ not defined - loaded DER format CA certificate
OpenSSL: __func__ not defined - SSL_use_certificate_file (DER) failed
error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
OpenSSL: pending error: error:0D07803A:asn1 encoding
routines:ASN1_ITEM_EX_D2I:nested asn1 error
OpenSSL: pending error: error:0D08303A:asn1 encoding
routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 error
OpenSSL: pending error: error:140C800D:SSL
routines:SSL_use_certificate_file:ASN1 lib
OpenSSL: __func__ not defined - SSL_use_certi

I have given the path for newcacert.cer =
"ca_cert=\"\\Certificates\\newcacert.cer\"\n"
and
i have given the path for newclientcert.p12 =
"client_cert=\"\\Certificates\\newclientcert.p12\"\n".

First one is getting loaded properly (From log i can say). Can you suggest
some way.
Regards,
Vijay Swami
Post by Jouni Malinen
Post by Vijay Swami
I am facing one stupid problem. I have ported the WPA_SUPPLICANT on
Windows Mobile. I am using HTC Touch Pro for testing. I have installed
the
Post by Vijay Swami
test certificates on device. I can see installed certificates in
Settings->All Settings->System->Certificates->Root. I am not able to give
the proper path of that certificates in the code For that i am
OpenSSL: __func__ not defined - SSL_use_certificate_file (DER) failed
error:02001002:system library:fopen:No such file or directory
What path did you use with the certificate? Is the certificate in the
certificate store instead of a file in the file system? Currently,
wpa_supplicant supports Windows certificate store for loading CA
certificates. In other words, you can set ca_cert parameter to
"cert_store://CA" or "cert_store://ROOT" (etc.) based on where you have
the CA certificate(s). As far as client certificate and private key are
client_cert is left out from configuration). Take a look at
wpa_supplicant.conf for more information on how to select which
certificate/private key is used.
--
Jouni Malinen PGP id EFC895FA
_______________________________________________
HostAP mailing list
http://lists.shmoo.com/mailman/listinfo/hostap
Jouni Malinen
2010-08-26 14:20:32 UTC
Permalink
Post by Vijay Swami
"client_cert=\"\\Certificates\\newclientcert.p12\"\n".
I have created one folder "Certificates" inside File explorer and i have
dumped the 1) newcacert.cer 2) newclientcert.p12 and installed the same on
the device. I could see from logs that newcacert.cer is getting loaded
properly.
Please see wpa_supplicant.conf for more information on how to configure
PKCS#12: you should use private_key, not client_cert.
--
Jouni Malinen PGP id EFC895FA
Vijay Swami
2010-08-27 13:10:40 UTC
Permalink
Hi,
I am trying wpa_supplicant on Windows mobile.I'm trying to query
OID_802_11_BSSID in order to know if the PDA is connected to an AP and the
BSSID (or mac address) of the AP. I got the following output. It is
returning error code 31. Any idea??
NDIS: IOCTL_NDISUIO_QUERY_OID_VALUE failed (oid=0d010101): 31
NDIS: Set OID 0d01011e - hexdump(len=16): 10 00 00 00 00 00 00 00 ff ff ff
ff ff ff 00 00
L2(NDISUIO): RX thread started
NDIS: Set OID 0d010114 - hexdump(len=4): 00 00 00 00
NDIS: IOCTL_NDISUIO_QUERY_OID_VALUE failed (oid=0d010101): 31
NDIS: Set OID 0d01011e - hexdump(len=16): 10 00 00 00 01 00 00 00 ff ff ff
ff ff ff 00 00
NDIS: Set OID 0d010114 - hexdump(len=4): 01 00 00 00
NDIS: IOCTL_NDISUIO_QUERY_OID_VALUE failed (oid=0d010101): 31
NDIS: Set OID 0d01011e - hexdump(len=16): 10 00 00 00 02 00 00 00 ff ff ff
ff ff ff 00 00
NDIS: Set OID 0d010114 - hexdump(len=4): 02 00 00 00
NDIS: IOCTL_NDISUIO_QUERY_OID_VALUE failed (oid=0d010101): 31
NDIS: Set OID 0d01011e - hexdump(len=16): 10 00 00 00 03 00 00 00 ff ff ff
ff ff ff 00 00
NDIS: Set OID 0d010114 - hexdump(len=4): 03 00 00 00

Regards,
Vijay Swami

Loading...