[Pkg-utopia-maintainers] Bug#717559: network-manager does not honour ignore option for expired PEAP ssl certificate
Ben Caradoc-Davies
Ben.Caradoc-Davies at csiro.au
Mon Jul 22 09:50:01 UTC 2013
Package: network-manager
Version: 0.9.8.0-5
Severity: normal
Dear Maintainer,
when connecting to a WPA2 enterprise WiFi with an expired PEAP certificate,
network-manager sets "system-ca-certs=true" in the connection profile despite
being told not to. Attempted connections have /var/log/daemon.log with
"TLS: Certificate verification failed, error 10 (certificate has expired)" and
"CTRL-EVENT-EAP-TLS-CERT-ERROR" and "SSL: SSL3 alert: write (local SSL3
detected an error):fatal:certificate expired".
Problem and workaround looks the same as the ubuntu report here:
https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1104476
Workaround: Edit the profile in /etc/NetworkManager/system-connections/ and
change "system-ca-certs=true" to "system-ca-certs=false". Restart network-
manager; it then removes this line. Connections succeed.
Kind regards,
Ben.
-- System Information:
Debian Release: jessie/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.10-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages network-manager depends on:
ii adduser 3.113+nmu3
ii dbus 1.6.12-1
ii isc-dhcp-client 4.2.4-7
ii libc6 2.17-7
ii libdbus-1-3 1.6.12-1
ii libdbus-glib-1-2 0.100.2-1
ii libgcrypt11 1.5.2-3
ii libglib2.0-0 2.36.3-3
ii libgnutls26 2.12.23-5
ii libgudev-1.0-0 175-7.2
ii libnl-3-200 3.2.21-1
ii libnl-genl-3-200 3.2.21-1
ii libnl-route-3-200 3.2.21-1
ii libnm-glib4 0.9.8.0-5
ii libnm-util2 0.9.8.0-5
ii libpolkit-gobject-1-0 0.105-3
ii libuuid1 2.20.1-5.5
ii lsb-base 4.1+Debian12
ii udev 175-7.2
ii wpasupplicant 1.0-3+b2
Versions of packages network-manager recommends:
ii crda 1.1.2-1
ii dnsmasq-base 2.66-3
ii iptables 1.4.19.1-1
ii modemmanager 0.5.2.0-2
ii policykit-1 0.105-3
ii ppp 2.4.5-5.2
Versions of packages network-manager suggests:
ii avahi-autoipd 0.6.31-2
-- Configuration Files:
/etc/NetworkManager/NetworkManager.conf changed [not included]
/etc/polkit-1/localauthority/10-vendor.d/org.freedesktop.NetworkManager.pkla [Errno 13] Permission denied: u'/etc/polkit-1/localauthority/10-vendor.d/org.freedesktop.NetworkManager.pkla'
-- no debconf information
More information about the Pkg-utopia-maintainers
mailing list