Warning
This script was designed to work with the eduroam and polimi-protected networks at Politecnico di Milano, if you are from another university, the configuration file will need to be tweaked.
-
Follow the official instructions in the official Polimi website, in order to obtain a personal
certificate-XXXXXXXX-XXXXXXXX.p12file and to download the eduroam cat script. -
Run the eduroam script to generate the
wpa_supplicantconfigurationpython3 eduroam-linux-PdM-polimi-TLS.py --wpa_conf
-
Open a terminal window, then clone this repository and
cdinto itgit clone https://github.com/collodel/iwd-eduroam-config.git cd iwd-eduroam-config -
In the terminal window, copy
ca.pemanduser.p12from~/.config/cat_installerto the current directory:cp ~/.config/cat_installer/ca.pem ~/.config/cat_installer/user.p12 .
-
Execute the configuration script
./create_config.sh <person_code> ./user.p12 <password_of_p12_cert_file>
-
Move the required files to
/var/lib/iwdsudo mv -vn eduroam.8021x eduroam.crt.pem eduroam.key.pem /var/lib/iwd/ sudo mv -vn ca.pem /var/lib/iwd/eduroam.pem sudo cp -vn /var/lib/iwd/eduroam.8021x /var/lib/iwd/polimi-protected.8021x # needed for the polimi-protected network -
Fix the permissions (if needed)
sudo chown root:root eduroam.8021x eduroam.crt.pem eduroam.key.pem eduroam.pem polimi-protected.8021x
-
Connecting to either network should be working now!
- The main problem in configuring
eduroamwith TLS arises when using the.p12file, that contains at the same time both the user certificate and the private key. This script mainly extracts these two different files from the.p12file in order for iwd to be able to use them separately (TODO: there seems to existEAP-TLS-ClientKeyBundleas an option here that takes the.p12file directly). - The eduroam configuration with TTLS seems to work only with
polimi-protected, so I think this is the best way to configureeduroamat Polimi.