Changes
no edit summary
* Select '''WPA & WPA2 Enterprise''' from the 'Security' drop-down menu
* Choose '''TLS''' as the authentication type from the 'Authentication' drop-down menu
* Type in your {{{identity|PID}}} in the 'Identity' text box
* To get 'User Certificate':
* Check "Use these settings for all networks sharing this essid"
* Select '''EAP-TLS''' from the dropdown menu.
* For identity, enter your {{{identity|PID}}}.
* For private key, enter the path to your downloaded p12 file.
* Enter your private key password.
* For the Path to CA Cert, enter '''{{{ca_cert}}}/etc/ssl/certs/GlobalSign_Root_CA.pem'''
* Hit OK
* Check "Automatically connect to this network"
Tested on [[Arch Linux]] with netcfg 3.0 (updated on 2013-04-12).
* Create a file, '''/etc/network.d/{{{ssid}}}VT-Wireless''' and place this in it:<br />
CONNECTION='wireless'
INTERFACE='wlan0'
SECURITY='wpa-configsection'
ESSID='{{{ssid}}}VT-Wireless'
IP='dhcp'
IP6='stateless'
CONFIGSECTION='
ssid="{{{ssid}}}VT-Wireless"
proto=RSN
key_mgmt=WPA-EAP
private_key="PATH TO YOUR PRIVATE KEY"
private_key_passwd="YOUR PRIVATE KEY PASSWORD"
ca_cert="{{{ca_cert}}}/etc/ssl/certs/GlobalSign_Root_CA.pem"
'
Make sure to change '''identity''' to your {{{identity|PID}}}, '''private_key''' to the path to your downloaded p12 file, and '''private_key_passwd''' to the password for your private key.
* After creating this file, make sure to change the owner to root (<code>sudo chown root:root /etc/network.d/{{{ssid}}}VT-Wireless</code>) and change the permissions so that it can be read only by the owner (<code>sudo chmod 0600 /etc/network.d/{{{ssid}}}VT-Wireless</code>). This will ensure that your private key password cannot be read by others easily.
* To connect, simply type the following in a terminal:
sudo netcfg {{{ssid}}}VT-Wireless
==netctl==
Tested on [[Arch Linux]] with netctl 0.8 (updated on 2013-04-12).
* Create a file, '''/etc/netctl/{{{ssid}}}VT-Wireless''' and place this in it: Description="{{{ssid}}} VT-Wireless EAP-TLS"
Interface=wlan0
Connection=wireless
WPAConfigSection=(
'ssid="{{{ssid}}}VT-Wireless"'
'proto=RSN'
'key_mgmt=WPA-EAP'
'private_key="PATH TO YOUR PRIVATE KEY"'
'private_key_passwd="YOUR PRIVATE KEY PASSWORD"'
'ca_cert="{{{ca_cert}}}/etc/ssl/certs/GlobalSign_Root_CA.pem"'
)
Make sure to change '''identity''' to your {{{identity|PID}}}, '''private_key''' to the path to your downloaded p12 file, and '''private_key_passwd''' to the password for your private key.
* After creating this file, make sure to change the owner to root (<code>sudo chown root:root /etc/netctl/{{{ssid}}}VT-Wireless</code>) and change the permissions so that it can be read only by the owner (<code>sudo chmod 0600 /etc/netctl/{{{ssid}}}VT-Wireless</code>). This will ensure that your private key password cannot be read by others easily.
* To connect, simply type the following in a terminal:
sudo netctl start {{{ssid}}}VT-Wireless
==wpa_supplicant==
* Place this at the bottom of your '''/etc/wpa_supplicant.conf''':
network={
ssid="{{{ssid}}}VT-Wireless"
proto=RSN
key_mgmt=WPA-EAP
private_key="PATH TO YOUR PRIVATE KEY"
private_key_passwd="YOUR PRIVATE KEY PASSWORD"
ca_cert="{{{ca_cert}}}/etc/ssl/certs/GlobalSign_Root_CA.pem"
}
Make sure to change '''identity''' to your {{{identity|PID}}}, '''private_key''' to the path to your downloaded p12 file, and '''private_key_passwd''' to the password for your private key.
* To connect, simply start wpa_supplicant as you would manually, for example:
* Leave '''CA certificate''' at '''(unspecified)'''.
* Change '''User certificate''' to the name of the certificate you installed for this network.
* For '''Identity''', you may leave it blank or enter your {{{identity|PID}}}, depending on network.
* Leave all other fields blank.