热点2.0 Wi-Fi连接半径ssl握手错误

时间:2019-03-07 09:11:40

标签: android ssl wifi android-wifi hotspot

我们正在尝试使用我们的应用程序配置Hotspot 2.0 Wi-fi连接。 这就是创建Passpoint EAP-TTLS凭据的样子:

WifiEnterpriseConfig wifiEnterpriseConfig = new WifiEnterpriseConfig();
wifiEnterpriseConfig.setDomainSuffixMatch("hotspot.example.com");
wifiEnterpriseConfig.setRealm("hotspot.example.com");
wifiEnterpriseConfig.setEapMethod(WifiEnterpriseConfig.Eap.TTLS);
wifiEnterpriseConfig.setPhase2Method(WifiEnterpriseConfig.Phase2.MSCHAPV2);
wifiEnterpriseConfig.setIdentity("example");
wifiEnterpriseConfig.setPassword("example");
wifiEnterpriseConfig.setCaCertificate(cert); // getting cert part is omitted

WifiConfiguration wifiConfiguration = new WifiConfiguration();
wifiConfiguration.FQDN = "hotspot.example.com";
wifiConfiguration.providerFriendlyName = "hotspot.example.com";
wifiConfiguration.roamingConsortiumIds = new long[]{111111};
wifiConfiguration.enterpriseConfig = wifiEnterpriseConfig;

int netId = wifiManager.addNetwork(wifiConfiguration);
wifiManager.enableNetwork(netId, true);

设备正在尝试连接到Wi-Fi,但在ssl Radius服务器证书验证阶段失败,并显示以下错误:

2019-03-05 16:52:30.718 22634-22634/? W/wpa_supplicant: TLS: Certificate verification failed, error 2 (unable to get issuer certificate) depth 1 for '/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=Thawte RSA CA 2018'
2019-03-05 16:52:30.718 22634-22634/? I/wpa_supplicant: wlan0: CTRL-EVENT-EAP-TLS-CERT-ERROR reason=1 depth=1 subject='/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=Thawte RSA CA 2018' err='unable to get issuer certificate'

我们的Radius服务器具有由中间证书签名的证书。中间证书由系统中受信任的根证书签名(仔细检查)。因此,我们使用方法wifiEnterpriseConfig.setCaCertificate指定中间证书。我们做对了还是错过了什么?

为什么我们必须手动设置一些证书?为什么不能仅通过系统根证书来验证redius服务器?

有人知道为什么会出现问题以及如何解决吗?欢迎任何建议!

0 个答案:

没有答案
相关问题
最新问题