
#1 2024-10-08 06:23:49

mithrial
Member
Registered: 2017-03-05
Posts: 59

[SOLVED] IWD won't connect to eduroam (bad cert)

I have a followup on this solved thread: https://bbs.archlinux.org/viewtopic.php?id=291921

When using IWD, I can't connect to eduroam. It works with wpa_supplicant.

This is the /var/lib/iwd/eduroam.8021x file:

[Security]
EAP-Method=PEAP
EAP-Identity=username@domain.com
EAP-PEAP-CACert=/var/lib/iwd/eduroam.pem
EAP-PEAP-ServerDomainMask=edu1.domain.com;edu2.domain.com
EAP-PEAP-Phase2-Method=MSCHAPV2
EAP-PEAP-Phase2-Identity=username@domain.com
EAP-PEAP-Phase2-Password=mypassword

[Setting]
AutoConnect=true

Apart from the weird idea of having my EAP-Identity already in cleartext, I otherwise have this entry in the log:

EAP negotiation stopped after the Identity exchange, this can happen when the EAP-Identity value is not what the authenticator expects

It seems to be a misconfigured server, but I can live with this.

With IWD_TLS_DEBUG=1 and the --debug flag, I receive the following log entries:

PEAP: tls_handle_handshake:3074 Handling a TLS_SERVER_HELLO of 77 bytes
PEAP: tls_handle_server_hello:2419 Negotiated TLS 1.2
PEAP: tls_handle_server_hello:2455 Negotiated TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
PEAP: tls_handle_server_hello:2466 Negotiated CompressionMethod.null
PEAP: tls_handle_server_hello:2492 New state TLS_HANDSHAKE_WAIT_CERTIFICATE
PEAP: tls_handle_handshake:3074 Handling a TLS_CERTIFICATE of 2994 bytes
PEAP: tls_handle_certificate:2562 Peer certchain written to /tmp/iwd-tls-debug-server-cert.pem
PEAP: tls_handle_certificate:2572 Disconnect desc=bad_certificate local-desc=close_notify reason=Peer certchain verification failed consistency check or against local CA certs: Can't get public key from certificate 34 / 152 in certificate set
PEAP: tls_send_alert:1175 Sending a Fatal Alert: bad_certificate

The eduroam.pem file is the one I get from the eduroam script file, which puts it into ~/.config/cat_installer/ca.pem:

-----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----

OpenSSL tells me that it's using sha1WithRSAEncryption. I know that this was a kernel regression at some point, so I attach my /proc/crypto here: https://0x0.st/XEI3.txt

Grepping for rsa,sha1 shows me that it's available, right?

$ grep rsa,sha1 /proc/crypto
name         : pkcs1pad(rsa,sha1)

My kernel is 6.11.2 from CachyOS. I'll try other ones (arch and lts) but the configs don't touch crypto stuff.

Last edited by mithrial (2024-10-08 08:42:00)


#2 2024-10-08 06:32:04

-thc
Member
Registered: 2017-03-15
Posts: 775

Re: [SOLVED] IWD won't connect to eduroam (bad cert)

The certificate posted is actually a copy of the "DigiCert Global Root CA" certificate and unusable for authentication:

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            08:3b:e0:56:90:42:46:b1:a1:75:6a:c9:59:91:c7:4a
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root CA
        Validity
            Not Before: Nov 10 00:00:00 2006 GMT
            Not After : Nov 10 00:00:00 2031 GMT
        Subject: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root CA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:e2:3b:e1:11:72:de:a8:a4:d3:a3:57:aa:50:a2:
                    8f:0b:77:90:c9:a2:a5:ee:12:ce:96:5b:01:09:20:
                    cc:01:93:a7:4e:30:b7:53:f7:43:c4:69:00:57:9d:
                    e2:8d:22:dd:87:06:40:00:81:09:ce:ce:1b:83:bf:
                    df:cd:3b:71:46:e2:d6:66:c7:05:b3:76:27:16:8f:
                    7b:9e:1e:95:7d:ee:b7:48:a3:08:da:d6:af:7a:0c:
                    39:06:65:7f:4a:5d:1f:bc:17:f8:ab:be:ee:28:d7:
                    74:7f:7a:78:99:59:85:68:6e:5c:23:32:4b:bf:4e:
                    c0:e8:5a:6d:e3:70:bf:77:10:bf:fc:01:f6:85:d9:
                    a8:44:10:58:32:a9:75:18:d5:d1:a2:be:47:e2:27:
                    6a:f4:9a:33:f8:49:08:60:8b:d4:5f:b4:3a:84:bf:
                    a1:aa:4a:4c:7d:3e:cf:4f:5f:6c:76:5e:a0:4b:37:
                    91:9e:dc:22:e6:6d:ce:14:1a:8e:6a:cb:fe:cd:b3:
                    14:64:17:c7:5b:29:9e:32:bf:f2:ee:fa:d3:0b:42:
                    d4:ab:b7:41:32:da:0c:d4:ef:f8:81:d5:bb:8d:58:
                    3f:b5:1b:e8:49:28:a2:70:da:31:04:dd:f7:b2:16:
                    f2:4c:0a:4e:07:a8:ed:4a:3d:5e:b5:7f:a3:90:c3:
                    af:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Subject Key Identifier: 
                03:DE:50:35:56:D1:4C:BB:66:F0:A3:E2:1B:1B:C3:97:B2:3D:D1:55
            X509v3 Authority Key Identifier: 
                03:DE:50:35:56:D1:4C:BB:66:F0:A3:E2:1B:1B:C3:97:B2:3D:D1:55
    Signature Algorithm: sha1WithRSAEncryption
    Signature Value:
        cb:9c:37:aa:48:13:12:0a:fa:dd:44:9c:4f:52:b0:f4:df:ae:
        04:f5:79:79:08:a3:24:18:fc:4b:2b:84:c0:2d:b9:d5:c7:fe:
        f4:c1:1f:58:cb:b8:6d:9c:7a:74:e7:98:29:ab:11:b5:e3:70:
        a0:a1:cd:4c:88:99:93:8c:91:70:e2:ab:0f:1c:be:93:a9:ff:
        63:d5:e4:07:60:d3:a3:bf:9d:5b:09:f1:d5:8e:e3:53:f4:8e:
        63:fa:3f:a7:db:b4:66:df:62:66:d6:d1:6e:41:8d:f2:2d:b5:
        ea:77:4a:9f:9d:58:e2:2b:59:c0:40:23:ed:2d:28:82:45:3e:
        79:54:92:26:98:e0:80:48:a8:37:ef:f0:d6:79:60:16:de:ac:
        e8:0e:cd:6e:ac:44:17:38:2f:49:da:e1:45:3e:2a:b9:36:53:
        cf:3a:50:06:f7:2e:e8:c4:57:49:6c:61:21:18:d5:04:ad:78:
        3c:2c:3a:80:6b:a7:eb:af:15:14:e9:d8:89:c1:b9:38:6c:e2:
        91:6c:8a:ff:64:b9:77:25:57:30:c0:1b:24:a3:e1:dc:e9:df:
        47:7c:b5:b4:24:08:05:30:ec:2d:bd:0b:bf:45:bf:50:b9:a9:
        f3:eb:98:01:12:ad:c8:88:c6:98:34:5f:8d:0a:3c:c6:e9:d5:
        95:95:6d:de

Last edited by -thc (2024-10-08 06:34:25)


#3 2024-10-08 06:57:48

mithrial
Member
Registered: 2017-03-05
Posts: 59

Re: [SOLVED] IWD won't connect to eduroam (bad cert)

Thanks! I guess they borked their configuration, right? This certificate is the one embedded in the cat-installer. Hilarious.

I'll see what the debug pem-chain looks like later.

Last edited by mithrial (2024-10-08 06:58:22)


#4 2024-10-08 07:14:53

-thc
Member
Registered: 2017-03-15
Posts: 775

Re: [SOLVED] IWD won't connect to eduroam (bad cert)

Sorry - my bad.

I prematurely assumed a lower level certificate for authentication.
But your config clearly states "EAP-PEAP-CACert=/var/lib/iwd/eduroam.pem" which is correct.

We need to look at "/tmp/iwd-tls-debug-server-cert.pem".


#5 2024-10-08 08:10:30

mithrial
Member
Registered: 2017-03-05
Posts: 59

Re: [SOLVED] IWD won't connect to eduroam (bad cert)

Thank you very much for this correction.

This is the chain from iwd: https://0x0.st/XEle.pem
systemd manages the folders, so it was not in /tmp/.. but in /tmp/systemd-private.xxxx-iwd.service-yyyy.

It is not by Digicert but Go Daddy. It seems like this is the solution, right? Just use this dumped chain as certificate?*

*obviously after checking the fingerprint against the published fingerprint.

Last edited by mithrial (2024-10-08 08:13:58)


#6 2024-10-08 08:21:13

-thc
Member
Registered: 2017-03-15
Posts: 775

Re: [SOLVED] IWD won't connect to eduroam (bad cert)

Now we're getting somewhere - this certificate chain contains two certificates.

The first is for

Subject: CN=ms-eduhsg1.unisg.ch

and is issued by Go Daddy Secure CA 2.

The second is the Go Daddy Secure CA 2 itself.

The correct certificate for "EAP-PEAP-CACert=/var/lib/iwd/eduroam.pem" should be the second one.


#7 2024-10-08 08:41:19

mithrial
Member
Registered: 2017-03-05
Posts: 59

Re: [SOLVED] IWD won't connect to eduroam (bad cert)

I see. Thanks, so I could use the second one. I did verify that the SHA1 fingerprint is the same as the IT people gave me.

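A small helper for the last two steps of the thread, added here as an example and not code from iwd or from either poster: split the chain that iwd dumped to iwd-tls-debug-server-cert.pem into its certificates, take the issuing CA (the second and last entry, as identified above), and compare its fingerprint with the one the IT department published before writing it to /var/lib/iwd/eduroam.pem. The PEM payloads inside the block are constructed dummy bytes, not real certificates, and every function name is mine; it only needs the Python standard library.

```python
"""Split an iwd TLS debug chain dump into certificates, fingerprint them and
check the issuing CA against a published fingerprint.

Added example, not part of the thread or of iwd. Assumes the dump holds the
server certificate first and its issuing CA last, as in the thread's chain
(ms-eduhsg1.unisg.ch, then Go Daddy Secure CA 2).
"""
import base64
import hashlib
import re

PEM_RE = re.compile(
    r"-----BEGIN CERTIFICATE-----\s*(.*?)\s*-----END CERTIFICATE-----",
    re.DOTALL,
)


def split_chain(pem_text):
    """Return the DER bytes of every certificate in a PEM bundle, in file order."""
    ders = []
    for body in PEM_RE.findall(pem_text):
        b64 = "".join(body.split())  # drop the 64-column line breaks
        ders.append(base64.b64decode(b64, validate=True))
    return ders


def to_pem(der):
    """Re-wrap DER bytes as a single PEM certificate block."""
    b64 = base64.b64encode(der).decode("ascii")
    lines = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    return "-----BEGIN CERTIFICATE-----\n" + "\n".join(lines) + "\n-----END CERTIFICATE-----\n"


def fingerprint(der, algo="sha256"):
    """Hash of the DER encoding, formatted the way OpenSSL prints it (AA:BB:...)."""
    digest = hashlib.new(algo, der).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


def normalize(fp):
    """Strip separators and whitespace and upper-case, so different tools' formats compare equal."""
    return re.sub(r"[^0-9A-Fa-f]", "", fp).upper()


def matches_published(der, published, algo="sha256"):
    """True if the certificate's fingerprint equals the published one, whatever the separator style."""
    return normalize(fingerprint(der, algo)) == normalize(published)


def pick_ca_cert(pem_text):
    """Return the PEM of the issuing CA, i.e. the last certificate in the dumped chain.

    The server certificate itself is never the right value for EAP-PEAP-CACert;
    a chain with a single entry means the server did not send its CA and the
    certificate has to come from the operator instead.
    """
    ders = split_chain(pem_text)
    if len(ders) < 2:
        raise ValueError("chain has fewer than two certificates; no issuing CA to pin")
    return to_pem(ders[-1])


# Constructed sample chain: dummy payloads standing in for real DER, so the
# code below exercises only the splitting, hashing and comparison logic.
SAMPLE_CHAIN = (
    to_pem(b"constructed: server certificate DER (not real)")
    + to_pem(b"constructed: issuing CA certificate DER (not real)")
)

if __name__ == "__main__":
    ca_pem = pick_ca_cert(SAMPLE_CHAIN)
    ca_der = split_chain(ca_pem)[0]
    print("issuing CA SHA-1 fingerprint:  ", fingerprint(ca_der, "sha1"))
    print("issuing CA SHA-256 fingerprint:", fingerprint(ca_der, "sha256"))
    # Placeholder for the value the IT department hands out; any separator style works.
    published = fingerprint(ca_der, "sha1").lower().replace(":", " ")
    print("matches published value:", matches_published(ca_der, published, "sha1"))
```

Run it against the real dump with the published value in place of the placeholder, and inspect each entry with `openssl x509 -noout -subject -issuer` before pinning; the pinned file should contain only the CA block, and EAP-PEAP-ServerDomainMask still needs to match the server certificate's CN so that any other certificate issued by the same public CA is rejected.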
