How do I make wpa_supplicant accept any server certificate for PEAP MSCHAPv2 without having to manually put the public key in the client config?
Asked
Active
Viewed 1.2k times
1 Answers
4
Simply don't include a ca_cert or ca_path tag/value pair in the wpa_supplicant.conf file.
From the example wpa_supplicant.conf file. Note the third sentence (emphasis mine):
# ca_cert: File path to CA certificate file (PEM/DER). This file can have one
# or more trusted CA certificates. If ca_cert and ca_path are not
# included, server certificate will not be verified. This is insecure and
# a trusted CA certificate should always be configured when using
# EAP-TLS/TTLS/PEAP. Full path should be used since working directory may
# change when wpa_supplicant is run in the background.
Spiff
- 110,156