[Pkg-utopia-maintainers] Bug#717559: network-manager does not honour ignore option for expired PEAP ssl certificate

Ben Caradoc-Davies Ben.Caradoc-Davies at csiro.au
Mon Jul 22 09:50:01 UTC 2013 

Package: network-manager
Version: 0.9.8.0-5
Severity: normal

Dear Maintainer,

when connecting to a WPA2 enterprise WiFi with an expired PEAP certificate,
network-manager sets "system-ca-certs=true" in the connection profile despite
being told not to. Attempted connections have /var/log/daemon.log with
"TLS: Certificate verification failed, error 10 (certificate has expired)" and
"CTRL-EVENT-EAP-TLS-CERT-ERROR" and "SSL: SSL3 alert: write (local SSL3
detected an error):fatal:certificate expired".

Problem and workaround looks the same as the ubuntu report here:
https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1104476

Workaround: Edit the profile in /etc/NetworkManager/system-connections/ and
change "system-ca-certs=true" to "system-ca-certs=false". Restart network-
manager; it then removes this line. Connections succeed.

Kind regards,
Ben.



-- System Information:
Debian Release: jessie/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.10-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages network-manager depends on:
ii  adduser                3.113+nmu3
ii  dbus                   1.6.12-1
ii  isc-dhcp-client        4.2.4-7
ii  libc6                  2.17-7
ii  libdbus-1-3            1.6.12-1
ii  libdbus-glib-1-2       0.100.2-1
ii  libgcrypt11            1.5.2-3
ii  libglib2.0-0           2.36.3-3
ii  libgnutls26            2.12.23-5
ii  libgudev-1.0-0         175-7.2
ii  libnl-3-200            3.2.21-1
ii  libnl-genl-3-200       3.2.21-1
ii  libnl-route-3-200      3.2.21-1
ii  libnm-glib4            0.9.8.0-5
ii  libnm-util2            0.9.8.0-5
ii  libpolkit-gobject-1-0  0.105-3
ii  libuuid1               2.20.1-5.5
ii  lsb-base               4.1+Debian12
ii  udev                   175-7.2
ii  wpasupplicant          1.0-3+b2

Versions of packages network-manager recommends:
ii  crda          1.1.2-1
ii  dnsmasq-base  2.66-3
ii  iptables      1.4.19.1-1
ii  modemmanager  0.5.2.0-2
ii  policykit-1   0.105-3
ii  ppp           2.4.5-5.2

Versions of packages network-manager suggests:
ii  avahi-autoipd  0.6.31-2

-- Configuration Files:
/etc/NetworkManager/NetworkManager.conf changed [not included]
/etc/polkit-1/localauthority/10-vendor.d/org.freedesktop.NetworkManager.pkla [Errno 13] Permission denied: u'/etc/polkit-1/localauthority/10-vendor.d/org.freedesktop.NetworkManager.pkla'

-- no debconf information

More information about the Pkg-utopia-maintainers mailing list