0

I'm using a RaspberryPi 4 (4GB) and I was able to set up /etc/wpa_supplicant/wpa_supplicant.conf with all needed certificates properly, to authenticate at our companys wifi:

ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
update_config=1
country=US

fast_reauth=1

network={
    ssid="WIFI-Com"
    scan_ssid=1
    key_mgmt=WPA-EAP IEEE8021X
    pairwise=CCMP
    group=CCMP
    eap=TLS
    identity="[email protected]"
    ca_cert="/etc/cert/ca.pem"
    client_cert="/etc/cert/client.pem"
    private_key="/etc/cert/clientkey.pem"
}


Using wpa_supplicant -i wlan0 -D wext -c /etc/wpa_supplicant/wpa_supplicant.conf for testing, it's authenticating perfectly and obtaining a vaild IP:

Successfully initialized wpa_supplicant
ioctl[SIOCSIWENCODEEXT]: Invalid argument
ioctl[SIOCSIWENCODEEXT]: Invalid argument
wlan0: Trying to associate with 00:5d:71:c9:4d:ef (SSID='WIFI-Com' freq=5320 MHz)
FT: Invalid group cipher (0)
Failed to add supported operating classes IE
wlan0: Associated with 00:5d:71:c9:4d:ef
wlan0: CTRL-EVENT-EAP-STARTED EAP authentication started
wlan0: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=13
tls_connection_set_params: Clearing pending SSL error: error:14187180:SSL routines:ssl_do_config:bad value
tls_connection_set_params: Clearing pending SSL error: error:14187180:SSL routines:ssl_do_config:bad value
wlan0: CTRL-EVENT-EAP-METHOD EAP vendor 0 method 13 (TLS) selected
wlan0: CTRL-EVENT-EAP-PEER-CERT depth=1 subject='/DC=com/DC=company/CN=Company Certification Authority' hash=53e1f7164f972fccfa24dc5dee64e362bed56ea014995fd990c760dd873760a7
wlan0: CTRL-EVENT-EAP-PEER-CERT depth=0 subject='/C=COM/L=NewYork/O=Company/CN=eap.comp.com' hash=d586970276d8076bd01cdbd4258452ea291d72af282fefa80fd8f8ef55e0c471
wlan0: CTRL-EVENT-EAP-SUCCESS EAP authentication completed successfully
wlan0: PMKSA-CACHE-ADDED 00:5d:71:c9:4d:ef 0
wlan0: WPA: Key negotiation completed with 00:5d:71:c9:4d:ef [PTK=CCMP GTK=CCMP]
wlan0: CTRL-EVENT-CONNECTED - Connection to 00:5d:71:c9:4d:ef completed [id=0 id_str=]

$ ifconfig
wlan0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 10.128.131.109  netmask 255.255.255.0  broadcast 10.188.139.255
        inet6 fe80::4665:3320:1509:a176  prefixlen 64  scopeid 0x20<link>
        ether dc:a6:32:2d:3e:e2  txqueuelen 1000  (Ethernet)
        RX packets 4329  bytes 1559945 (1.4 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 5734  bytes 2019622 (1.9 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0


If I reboot the Pi and run ps auxwww | grep wpa its supposed to connect to my wifi, as it is using the command given above. But it's not, instead it used driver nl80211. From what I experienced, it's only authenticating properly using exclusively -D wext. Where can I edit the -D parameters, that are used while booting?

root       334  ..   0:00 /sbin/wpa_supplicant -u -s -O /run/wpa_supplicant
root       440  ..   0:00 wpa_supplicant -B -c/etc/wpa_supplicant/wpa_supplicant.conf -iwlan0 -Dnl80211,wext
pi         721  ..   0:00 grep --color=auto wpa
Improve this question

2 Answers 2

Reset to default
2

Instead of modifying /lib/dhcpcd/dhcpcd-hooks/10-wpa_supplicant you can just add

env wpa_supplicant_driver=wext

to the end of /etc/dhcpcd.conf.

Improve this answer
1

I was able figure it out. For some reason it used nl80211 instead of wext and I removed every nl80211 entry in /lib/dhcpcd/dhcpcd-hooks/10-wpa_supplicant.

Pretty special case and maybe not the common way, but done the trick.

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .