touch-packages team mailing list archive

Thread
Date

[Bug 1023277] Re: Please provide option to make NetworkManager verify only the root certificate of the signed cert chain (WPA2-Enterprise)

To: touch-packages@xxxxxxxxxxxxxxxxxxx
From: Patrick Brueckner <1023277@xxxxxxxxxxxxxxxxxx>
Date: Tue, 15 Jul 2014 13:54:08 -0000
Reply-to: Bug 1023277 <1023277@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Though #1104476 it is a different solution for the problem, it should
work with the new fix, as it allows to connect without verifying the
certificates. (Tested just now)

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to network-manager in Ubuntu.
https://bugs.launchpad.net/bugs/1023277

Title:
  Please provide option to make NetworkManager verify only the root
  certificate of the signed cert chain (WPA2-Enterprise)

Status in “network-manager” package in Ubuntu:
  Triaged

Bug description:
  I have to use a chain certificate, that had all certificates involved
  in the verification of the AP. this seems uncomfortable and breaks
  design (of at least the eduroam networks).

  The (German) eduroam networks are all signed with a certificate of the
  corresponding university or college CA, which is signed by the DFN
  (german scientific network) which is signed by Deutsche Telekom Root
  CA (installed by default on ubuntu)

  By opting to verify the complete chain, I have to set up various
  configurations for various locations.

  The eduroam network is designed to enable students from all over the
  world to log in to worldwide higher education networks with their
  home-university's login.

  There should be an option to only verify the root certificate of the
  signed cert chain.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1023277/+subscriptions