Wpa supplicant: Difference between revisions
→eduroam: Add information regarding certificate location for NixOS Unstable and 26.05+ users |
→Restrictions on Certificate Location: Added hint for editing NetworkManager connections when using eduroam. |
||
| (One intermediate revision by one other user not shown) | |||
| Line 125: | Line 125: | ||
=== Restrictions on Certificate Location === | === Restrictions on Certificate Location === | ||
For certificate-based setups, due to security hardening for wpa_supplicant in NixOS 26.05 and later | For certificate-based setups, due to security hardening for wpa_supplicant in NixOS 26.05 and later users of wpa_supplicant face restrictions on where eduroam certificates can be stored<ref>https://discourse.nixos.org/t/breaking-changes-announcement-for-unstable/17574/116</ref>. Certificates should be placed in either <code>/etc/ssl/certs</code> or <code>/etc/wpa_supplicant</code> and should be owned by (or accessible to) the wpa_supplicant user. | ||
Some eduroam configuration scripts may hardcode paths in its relevant <code>/etc/NetworkManager/system-connections/<connection>.nmconnection</code>. In this case, editing the <code>ca-cert</code>, <code>client-cert</code>, and <code>private-key</code> to point at their new location should suffice. | |||
== WEP support == | == WEP support == | ||