#StackBounty: #wifi #key-authentication #iwd iwd with EAP-TLS fails with 'Failed to load <pem>'

Bounty: 50

I want to connect to an EAP-TLS access point using iwd, however this fails because it apparently cannot open my client key:

# iwctl
[iwd]# station wlan0 connect foo
Not configured

iwd says:

src/network.c:network_connect() 
src/network.c:network_connect_8021x() 
Failed to load /var/lib/wireless/skybert.pem

My kernel is the latest stable one and I’ve enabled CONFIG_PKCS8_PRIVATE_KEY_PARSER:

# uname -r
5.2.1
# lsmod | grep pkcs8_key_parser
pkcs8_key_parser       16384  0

iwd

# /usr/libexec/iwd --version
0.18
# export IWD_TLS_DEBUG=1
# /usr/libexec/iwd -d
[..]
src/network.c:network_connect() 
src/network.c:network_connect_8021x() 
Failed to load /var/lib/wireless/skybert.pem

/var/lib/iwd/foo.8021x

[Security]
EAP-Method=TLS
EAP-TLS-ClientCert=/var/lib/wirelss/skybert.pem
EAP-TLS-ClientKey=/var/lib/wireless/skybert.des3.key 
EAP-TLS-ClientKeyPassphrase=youwish
EAP-Identity=skybert

The corresponding, working, wpa_supplicant block was:

network={
   ssid="foo"
   key_mgmt=WPA-EAP
   proto=WPA2
   eap=TLS
   identity="skybert"
   client_cert="/var/lib/wireless/skybert.pem"
   private_key="/var/lib/wireless/skybert.des3.key"
   private_key_passwd="youwish"
}

OS

❯ lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description:    Debian GNU/Linux 10 (buster)
Release:        10
Codename:       buster

(trying to) read the source

From what I can tell, it’s ell/ell/pem.c (called from iwd/src/eap-tls-common.c) which cannot load the certificate, but that’s as far as I’ve come. The error message is the same if the path exists or if it doesn’t.

Any help would be much appreciated.


Get this bounty!!!

#StackBounty: #wifi #key-authentication #iwd iwd with EAP-TLS fails with 'Failed to load <pem>'

Bounty: 50

I want to connect to an EAP-TLS access point using iwd, however this fails because it apparently cannot open my client key:

# iwctl
[iwd]# station wlan0 connect foo
Not configured

iwd says:

src/network.c:network_connect() 
src/network.c:network_connect_8021x() 
Failed to load /var/lib/wireless/skybert.pem

My kernel is the latest stable one and I’ve enabled CONFIG_PKCS8_PRIVATE_KEY_PARSER:

# uname -r
5.2.1
# lsmod | grep pkcs8_key_parser
pkcs8_key_parser       16384  0

iwd

# /usr/libexec/iwd --version
0.18
# export IWD_TLS_DEBUG=1
# /usr/libexec/iwd -d
[..]
src/network.c:network_connect() 
src/network.c:network_connect_8021x() 
Failed to load /var/lib/wireless/skybert.pem

/var/lib/iwd/foo.8021x

[Security]
EAP-Method=TLS
EAP-TLS-ClientCert=/var/lib/wirelss/skybert.pem
EAP-TLS-ClientKey=/var/lib/wireless/skybert.des3.key 
EAP-TLS-ClientKeyPassphrase=youwish
EAP-Identity=skybert

The corresponding, working, wpa_supplicant block was:

network={
   ssid="foo"
   key_mgmt=WPA-EAP
   proto=WPA2
   eap=TLS
   identity="skybert"
   client_cert="/var/lib/wireless/skybert.pem"
   private_key="/var/lib/wireless/skybert.des3.key"
   private_key_passwd="youwish"
}

OS

❯ lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description:    Debian GNU/Linux 10 (buster)
Release:        10
Codename:       buster

(trying to) read the source

From what I can tell, it’s ell/ell/pem.c (called from iwd/src/eap-tls-common.c) which cannot load the certificate, but that’s as far as I’ve come. The error message is the same if the path exists or if it doesn’t.

Any help would be much appreciated.


Get this bounty!!!

#StackBounty: #wifi #key-authentication #iwd iwd with EAP-TLS fails with 'Failed to load <pem>'

Bounty: 50

I want to connect to an EAP-TLS access point using iwd, however this fails because it apparently cannot open my client key:

# iwctl
[iwd]# station wlan0 connect foo
Not configured

iwd says:

src/network.c:network_connect() 
src/network.c:network_connect_8021x() 
Failed to load /var/lib/wireless/skybert.pem

My kernel is the latest stable one and I’ve enabled CONFIG_PKCS8_PRIVATE_KEY_PARSER:

# uname -r
5.2.1
# lsmod | grep pkcs8_key_parser
pkcs8_key_parser       16384  0

iwd

# /usr/libexec/iwd --version
0.18
# export IWD_TLS_DEBUG=1
# /usr/libexec/iwd -d
[..]
src/network.c:network_connect() 
src/network.c:network_connect_8021x() 
Failed to load /var/lib/wireless/skybert.pem

/var/lib/iwd/foo.8021x

[Security]
EAP-Method=TLS
EAP-TLS-ClientCert=/var/lib/wirelss/skybert.pem
EAP-TLS-ClientKey=/var/lib/wireless/skybert.des3.key 
EAP-TLS-ClientKeyPassphrase=youwish
EAP-Identity=skybert

The corresponding, working, wpa_supplicant block was:

network={
   ssid="foo"
   key_mgmt=WPA-EAP
   proto=WPA2
   eap=TLS
   identity="skybert"
   client_cert="/var/lib/wireless/skybert.pem"
   private_key="/var/lib/wireless/skybert.des3.key"
   private_key_passwd="youwish"
}

OS

❯ lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description:    Debian GNU/Linux 10 (buster)
Release:        10
Codename:       buster

(trying to) read the source

From what I can tell, it’s ell/ell/pem.c (called from iwd/src/eap-tls-common.c) which cannot load the certificate, but that’s as far as I’ve come. The error message is the same if the path exists or if it doesn’t.

Any help would be much appreciated.


Get this bounty!!!

#StackBounty: #wifi #key-authentication #iwd iwd with EAP-TLS fails with 'Failed to load <pem>'

Bounty: 50

I want to connect to an EAP-TLS access point using iwd, however this fails because it apparently cannot open my client key:

# iwctl
[iwd]# station wlan0 connect foo
Not configured

iwd says:

src/network.c:network_connect() 
src/network.c:network_connect_8021x() 
Failed to load /var/lib/wireless/skybert.pem

My kernel is the latest stable one and I’ve enabled CONFIG_PKCS8_PRIVATE_KEY_PARSER:

# uname -r
5.2.1
# lsmod | grep pkcs8_key_parser
pkcs8_key_parser       16384  0

iwd

# /usr/libexec/iwd --version
0.18
# export IWD_TLS_DEBUG=1
# /usr/libexec/iwd -d
[..]
src/network.c:network_connect() 
src/network.c:network_connect_8021x() 
Failed to load /var/lib/wireless/skybert.pem

/var/lib/iwd/foo.8021x

[Security]
EAP-Method=TLS
EAP-TLS-ClientCert=/var/lib/wirelss/skybert.pem
EAP-TLS-ClientKey=/var/lib/wireless/skybert.des3.key 
EAP-TLS-ClientKeyPassphrase=youwish
EAP-Identity=skybert

The corresponding, working, wpa_supplicant block was:

network={
   ssid="foo"
   key_mgmt=WPA-EAP
   proto=WPA2
   eap=TLS
   identity="skybert"
   client_cert="/var/lib/wireless/skybert.pem"
   private_key="/var/lib/wireless/skybert.des3.key"
   private_key_passwd="youwish"
}

OS

❯ lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description:    Debian GNU/Linux 10 (buster)
Release:        10
Codename:       buster

(trying to) read the source

From what I can tell, it’s ell/ell/pem.c (called from iwd/src/eap-tls-common.c) which cannot load the certificate, but that’s as far as I’ve come. The error message is the same if the path exists or if it doesn’t.

Any help would be much appreciated.


Get this bounty!!!

#StackBounty: #wifi #key-authentication #iwd iwd with EAP-TLS fails with 'Failed to load <pem>'

Bounty: 50

I want to connect to an EAP-TLS access point using iwd, however this fails because it apparently cannot open my client key:

# iwctl
[iwd]# station wlan0 connect foo
Not configured

iwd says:

src/network.c:network_connect() 
src/network.c:network_connect_8021x() 
Failed to load /var/lib/wireless/skybert.pem

My kernel is the latest stable one and I’ve enabled CONFIG_PKCS8_PRIVATE_KEY_PARSER:

# uname -r
5.2.1
# lsmod | grep pkcs8_key_parser
pkcs8_key_parser       16384  0

iwd

# /usr/libexec/iwd --version
0.18
# export IWD_TLS_DEBUG=1
# /usr/libexec/iwd -d
[..]
src/network.c:network_connect() 
src/network.c:network_connect_8021x() 
Failed to load /var/lib/wireless/skybert.pem

/var/lib/iwd/foo.8021x

[Security]
EAP-Method=TLS
EAP-TLS-ClientCert=/var/lib/wirelss/skybert.pem
EAP-TLS-ClientKey=/var/lib/wireless/skybert.des3.key 
EAP-TLS-ClientKeyPassphrase=youwish
EAP-Identity=skybert

The corresponding, working, wpa_supplicant block was:

network={
   ssid="foo"
   key_mgmt=WPA-EAP
   proto=WPA2
   eap=TLS
   identity="skybert"
   client_cert="/var/lib/wireless/skybert.pem"
   private_key="/var/lib/wireless/skybert.des3.key"
   private_key_passwd="youwish"
}

OS

❯ lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description:    Debian GNU/Linux 10 (buster)
Release:        10
Codename:       buster

(trying to) read the source

From what I can tell, it’s ell/ell/pem.c (called from iwd/src/eap-tls-common.c) which cannot load the certificate, but that’s as far as I’ve come. The error message is the same if the path exists or if it doesn’t.

Any help would be much appreciated.


Get this bounty!!!

#StackBounty: #wifi #key-authentication #iwd iwd with EAP-TLS fails with 'Failed to load <pem>'

Bounty: 50

I want to connect to an EAP-TLS access point using iwd, however this fails because it apparently cannot open my client key:

# iwctl
[iwd]# station wlan0 connect foo
Not configured

iwd says:

src/network.c:network_connect() 
src/network.c:network_connect_8021x() 
Failed to load /var/lib/wireless/skybert.pem

My kernel is the latest stable one and I’ve enabled CONFIG_PKCS8_PRIVATE_KEY_PARSER:

# uname -r
5.2.1
# lsmod | grep pkcs8_key_parser
pkcs8_key_parser       16384  0

iwd

# /usr/libexec/iwd --version
0.18
# export IWD_TLS_DEBUG=1
# /usr/libexec/iwd -d
[..]
src/network.c:network_connect() 
src/network.c:network_connect_8021x() 
Failed to load /var/lib/wireless/skybert.pem

/var/lib/iwd/foo.8021x

[Security]
EAP-Method=TLS
EAP-TLS-ClientCert=/var/lib/wirelss/skybert.pem
EAP-TLS-ClientKey=/var/lib/wireless/skybert.des3.key 
EAP-TLS-ClientKeyPassphrase=youwish
EAP-Identity=skybert

The corresponding, working, wpa_supplicant block was:

network={
   ssid="foo"
   key_mgmt=WPA-EAP
   proto=WPA2
   eap=TLS
   identity="skybert"
   client_cert="/var/lib/wireless/skybert.pem"
   private_key="/var/lib/wireless/skybert.des3.key"
   private_key_passwd="youwish"
}

OS

❯ lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description:    Debian GNU/Linux 10 (buster)
Release:        10
Codename:       buster

(trying to) read the source

From what I can tell, it’s ell/ell/pem.c (called from iwd/src/eap-tls-common.c) which cannot load the certificate, but that’s as far as I’ve come. The error message is the same if the path exists or if it doesn’t.

Any help would be much appreciated.


Get this bounty!!!

#StackBounty: #wifi #key-authentication #iwd iwd with EAP-TLS fails with 'Failed to load <pem>'

Bounty: 50

I want to connect to an EAP-TLS access point using iwd, however this fails because it apparently cannot open my client key:

# iwctl
[iwd]# station wlan0 connect foo
Not configured

iwd says:

src/network.c:network_connect() 
src/network.c:network_connect_8021x() 
Failed to load /var/lib/wireless/skybert.pem

My kernel is the latest stable one and I’ve enabled CONFIG_PKCS8_PRIVATE_KEY_PARSER:

# uname -r
5.2.1
# lsmod | grep pkcs8_key_parser
pkcs8_key_parser       16384  0

iwd

# /usr/libexec/iwd --version
0.18
# export IWD_TLS_DEBUG=1
# /usr/libexec/iwd -d
[..]
src/network.c:network_connect() 
src/network.c:network_connect_8021x() 
Failed to load /var/lib/wireless/skybert.pem

/var/lib/iwd/foo.8021x

[Security]
EAP-Method=TLS
EAP-TLS-ClientCert=/var/lib/wirelss/skybert.pem
EAP-TLS-ClientKey=/var/lib/wireless/skybert.des3.key 
EAP-TLS-ClientKeyPassphrase=youwish
EAP-Identity=skybert

The corresponding, working, wpa_supplicant block was:

network={
   ssid="foo"
   key_mgmt=WPA-EAP
   proto=WPA2
   eap=TLS
   identity="skybert"
   client_cert="/var/lib/wireless/skybert.pem"
   private_key="/var/lib/wireless/skybert.des3.key"
   private_key_passwd="youwish"
}

OS

❯ lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description:    Debian GNU/Linux 10 (buster)
Release:        10
Codename:       buster

(trying to) read the source

From what I can tell, it’s ell/ell/pem.c (called from iwd/src/eap-tls-common.c) which cannot load the certificate, but that’s as far as I’ve come. The error message is the same if the path exists or if it doesn’t.

Any help would be much appreciated.


Get this bounty!!!

#StackBounty: #wifi #key-authentication #iwd iwd with EAP-TLS fails with 'Failed to load <pem>'

Bounty: 50

I want to connect to an EAP-TLS access point using iwd, however this fails because it apparently cannot open my client key:

# iwctl
[iwd]# station wlan0 connect foo
Not configured

iwd says:

src/network.c:network_connect() 
src/network.c:network_connect_8021x() 
Failed to load /var/lib/wireless/skybert.pem

My kernel is the latest stable one and I’ve enabled CONFIG_PKCS8_PRIVATE_KEY_PARSER:

# uname -r
5.2.1
# lsmod | grep pkcs8_key_parser
pkcs8_key_parser       16384  0

iwd

# /usr/libexec/iwd --version
0.18
# export IWD_TLS_DEBUG=1
# /usr/libexec/iwd -d
[..]
src/network.c:network_connect() 
src/network.c:network_connect_8021x() 
Failed to load /var/lib/wireless/skybert.pem

/var/lib/iwd/foo.8021x

[Security]
EAP-Method=TLS
EAP-TLS-ClientCert=/var/lib/wirelss/skybert.pem
EAP-TLS-ClientKey=/var/lib/wireless/skybert.des3.key 
EAP-TLS-ClientKeyPassphrase=youwish
EAP-Identity=skybert

The corresponding, working, wpa_supplicant block was:

network={
   ssid="foo"
   key_mgmt=WPA-EAP
   proto=WPA2
   eap=TLS
   identity="skybert"
   client_cert="/var/lib/wireless/skybert.pem"
   private_key="/var/lib/wireless/skybert.des3.key"
   private_key_passwd="youwish"
}

OS

❯ lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description:    Debian GNU/Linux 10 (buster)
Release:        10
Codename:       buster

(trying to) read the source

From what I can tell, it’s ell/ell/pem.c (called from iwd/src/eap-tls-common.c) which cannot load the certificate, but that’s as far as I’ve come. The error message is the same if the path exists or if it doesn’t.

Any help would be much appreciated.


Get this bounty!!!

#StackBounty: #wifi #key-authentication #iwd iwd with EAP-TLS fails with 'Failed to load <pem>'

Bounty: 50

I want to connect to an EAP-TLS access point using iwd, however this fails because it apparently cannot open my client key:

# iwctl
[iwd]# station wlan0 connect foo
Not configured

iwd says:

src/network.c:network_connect() 
src/network.c:network_connect_8021x() 
Failed to load /var/lib/wireless/skybert.pem

My kernel is the latest stable one and I’ve enabled CONFIG_PKCS8_PRIVATE_KEY_PARSER:

# uname -r
5.2.1
# lsmod | grep pkcs8_key_parser
pkcs8_key_parser       16384  0

iwd

# /usr/libexec/iwd --version
0.18
# export IWD_TLS_DEBUG=1
# /usr/libexec/iwd -d
[..]
src/network.c:network_connect() 
src/network.c:network_connect_8021x() 
Failed to load /var/lib/wireless/skybert.pem

/var/lib/iwd/foo.8021x

[Security]
EAP-Method=TLS
EAP-TLS-ClientCert=/var/lib/wirelss/skybert.pem
EAP-TLS-ClientKey=/var/lib/wireless/skybert.des3.key 
EAP-TLS-ClientKeyPassphrase=youwish
EAP-Identity=skybert

The corresponding, working, wpa_supplicant block was:

network={
   ssid="foo"
   key_mgmt=WPA-EAP
   proto=WPA2
   eap=TLS
   identity="skybert"
   client_cert="/var/lib/wireless/skybert.pem"
   private_key="/var/lib/wireless/skybert.des3.key"
   private_key_passwd="youwish"
}

OS

❯ lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description:    Debian GNU/Linux 10 (buster)
Release:        10
Codename:       buster

(trying to) read the source

From what I can tell, it’s ell/ell/pem.c (called from iwd/src/eap-tls-common.c) which cannot load the certificate, but that’s as far as I’ve come. The error message is the same if the path exists or if it doesn’t.

Any help would be much appreciated.


Get this bounty!!!

#StackBounty: #wifi #key-authentication #iwd iwd with EAP-TLS fails with 'Failed to load <pem>'

Bounty: 50

I want to connect to an EAP-TLS access point using iwd, however this fails because it apparently cannot open my client key:

# iwctl
[iwd]# station wlan0 connect foo
Not configured

iwd says:

src/network.c:network_connect() 
src/network.c:network_connect_8021x() 
Failed to load /var/lib/wireless/skybert.pem

My kernel is the latest stable one and I’ve enabled CONFIG_PKCS8_PRIVATE_KEY_PARSER:

# uname -r
5.2.1
# lsmod | grep pkcs8_key_parser
pkcs8_key_parser       16384  0

iwd

# /usr/libexec/iwd --version
0.18
# export IWD_TLS_DEBUG=1
# /usr/libexec/iwd -d
[..]
src/network.c:network_connect() 
src/network.c:network_connect_8021x() 
Failed to load /var/lib/wireless/skybert.pem

/var/lib/iwd/foo.8021x

[Security]
EAP-Method=TLS
EAP-TLS-ClientCert=/var/lib/wirelss/skybert.pem
EAP-TLS-ClientKey=/var/lib/wireless/skybert.des3.key 
EAP-TLS-ClientKeyPassphrase=youwish
EAP-Identity=skybert

The corresponding, working, wpa_supplicant block was:

network={
   ssid="foo"
   key_mgmt=WPA-EAP
   proto=WPA2
   eap=TLS
   identity="skybert"
   client_cert="/var/lib/wireless/skybert.pem"
   private_key="/var/lib/wireless/skybert.des3.key"
   private_key_passwd="youwish"
}

OS

❯ lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description:    Debian GNU/Linux 10 (buster)
Release:        10
Codename:       buster

(trying to) read the source

From what I can tell, it’s ell/ell/pem.c (called from iwd/src/eap-tls-common.c) which cannot load the certificate, but that’s as far as I’ve come. The error message is the same if the path exists or if it doesn’t.

Any help would be much appreciated.


Get this bounty!!!