Commit edd9e46e authored by Edwin Carlinet's avatar Edwin Carlinet Committed by Marc Schmitt
Browse files

Wifi doc: notice for TLS < 1.2

parent 82101851
Pipeline #14813 passed with stages
in 58 seconds
......@@ -58,3 +58,29 @@ passphrase and the SSID. Please refer to this
[netctl section](https://wiki.archlinux.org/index.php/netctl#Obfuscate_wireless_passphrase).
You can find other configuration examples in `/etc/netctl/examples/`.
## Troubleshooting
### TLS 1.0/1.1
TLS versions 1.0 and 1.1 are still in use and are being deprecated and disabled
by some operating systems. If `journalctl -e -u wpa_supplicant.service` (the
service name may change depending on your distribution) reports something like:
```
wlp2s0: SME: Trying to authenticate with 9c:5d:12:de:c4:e4 (SSID='IONIS' freq=5180 MHz)
wlp2s0: Trying to associate with 9c:5d:12:de:c4:e4 (SSID='IONIS' freq=5180 MHz)
wlp2s0: Associated with 9c:5d:12:de:c4:e4
wlp2s0: CTRL-EVENT-EAP-STARTED EAP authentication started
wlp2s0: CTRL-EVENT-SUBNET-STATUS-UPDATE status=0
wlp2s0: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=25
wlp2s0: CTRL-EVENT-EAP-METHOD EAP vendor 0 method 25 (PEAP) selected
SSL: SSL3 alert: write (local SSL3 detected an error):fatal:protocol version
OpenSSL: openssl_handshake - SSL_connect error:1425F102:SSL routines:ssl_choose_client_version:unsupported protocol
wlp2s0: CTRL-EVENT-EAP-FAILURE EAP authentication failed
```
You have to allow explicitly the legacy security policies. For Fedora 33+, see
https://fedoraproject.org/wiki/Changes/StrongCryptoSettings2.
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment