19

I have a WPA Enterprise PEAP connection that asks me for the WiFi password and CA certificate every time I am at the login screen.

I don't have a CA certificate for my schools WiFi connection.

This is on ubuntu 14.04 This warning keeps coming again and again. I keep click ignore and click "Don't warn me again" But the error keeps coming up.

Also, I have tried changing going to 

etc/NetworkManager/system-connections

finding the my connection and changing the line

system-ca-certs=true

to

system-ca-certs=false

But that did not help at all. enter image description here

Gaurav
  • 441
  • Can you paste here exact message about CA certificate? Of course you can remove all secure names from text, if you want – c0rp Apr 28 '14 at 12:26
  • http://imgur.com/U7AGqb9 – Gaurav Apr 28 '14 at 12:30
  • You are check Don't warn me again and click Ignore and this Warning is appear again and again? – c0rp Apr 28 '14 at 12:53
  • This warning keeps coming again and again. I found a solution and will post it after 8 hours. – Gaurav Apr 28 '14 at 13:15
  • I have the same issue, it seems to be a bug in 14.04LTS. I can't give it sign of approval for our use due to this issue. 12.04LTS worked fine on the same network. –  Apr 29 '14 at 15:57

4 Answers4

15

The warning was happening again and again. What I ended up doing was first I did this I clicked the "Choose a Certificate Authority certificate..."

Then I went to "/usr/share/ca-certificates/mozilla/AddTrust_External_Root.crt" and Added that as my certificate.

The certificate error went away but the password prompt for the WiFi did not

So I went to "Edit Connections" and selected my wireless connection.

Then I went to "General" tab and unticked "All users may connect to this network"

No more CA prompt or wireless password prompt.

Gaurav
  • 441
  • 2
    I found that going to the "General" tab and unticking "All users may connect to this network", then re-adding the password in the "Wi-Fi Security" tab is the only thing I needed to do. – Nathan J.B. Mar 02 '15 at 17:45
1

Some schools and organizations use EAP based authentication without a CA signed certificate, usually because of the costs involved. This warning message is basically the same thing as your web-browser warning about invalid or unsigned SSL certificates for websites. If you trust the certificate used for the connection, you can click the "Don't Warn Me Again" box and then select Ignore and Network Manager should store the credentials for use next time you connect.

0xSheepdog
  • 340
  • 3
  • 16
  • 1
    Thanks, but that hasn't been working. I found a solution and will post it after 8 hours. – Gaurav Apr 28 '14 at 13:16
  • Gotcha, thanks Ben. You may want to add to your question that you have tried those things. It is hard to tell on this forum when someone has done the obvious steps and is still unsuccessful, or when they are just flailing about asking for help without trying things. =) And thanks for sharing your solution, when you can; helpful answers are what makes this community exceptional. – 0xSheepdog Apr 28 '14 at 13:19
1

I had the dialog popping up, but without removing system-ca-certs I kept getting a failure to connect to the network related to the self-signed certificate. Once I removed the system-ca-certs flag entirely, then I could at least connect to my network using my credentials. So, that was odd. Next, I selected a root cert as someone suggested, and the dialog annoyance went away. I then noticed the system-ca-certs was back, but oddly enough everything connected fine. So, something definitely buggy there, but the way that worked out doesn't make it clear as to what it is.

Wade Chandler
  • 11
1

Following Ben Banks and user276463 answers I solved the problem with the following steps.

  1. Try to connect using the wifi menu. It fails and asks for the password again.
  2. Disconnect the wifi from menu after being asked for the password again.
  3. Edit /etc/NetworkManager/system-connections/CONNECTION_NAME and delete the line system-ca-certs=true
  4. Connect again using the wifi menu. This time it works.
paulinus
  • 111