Server : Apache System : Linux server1.cgrithy.com 3.10.0-1160.95.1.el7.x86_64 #1 SMP Mon Jul 24 13:59:37 UTC 2023 x86_64 User : nobody ( 99) PHP Version : 8.1.23 Disable Function : NONE Directory : /usr/share/doc/wpa_supplicant-2.6/examples/ |
# EAP-TLS using private key and certificates via OpenSSL PKCS#11 engine and # openCryptoki (e.g., with TPM token) # This example uses following PKCS#11 objects: # $ pkcs11-tool --module /usr/lib/opencryptoki/libopencryptoki.so -O -l # Please enter User PIN: # Private Key Object; RSA # label: rsakey # ID: 04 # Usage: decrypt, sign, unwrap # Certificate Object, type = X.509 cert # label: ca # ID: 01 # Certificate Object, type = X.509 cert # label: cert # ID: 04 # Configure OpenSSL to load the PKCS#11 engine and openCryptoki module pkcs11_engine_path=/usr/lib/engines/engine_pkcs11.so pkcs11_module_path=/usr/lib/opencryptoki/libopencryptoki.so network={ ssid="test network" key_mgmt=WPA-EAP eap=TLS identity="User" # use OpenSSL PKCS#11 engine for this network engine=1 engine_id="pkcs11" # select the private key and certificates based on ID (see pkcs11-tool # output above) key_id="4" cert_id="4" ca_cert_id="1" # set the PIN code; leave this out to configure the PIN to be requested # interactively when needed (e.g., via wpa_gui or wpa_cli) pin="123456" }