EDV:EDUROAM: Difference between revisions
No edit summary |
No edit summary |
||
Line 2: | Line 2: | ||
[https://www.urz.uni-heidelberg.de/de/eduroam URZ Eduroam (deutsch)], [https://www.urz.uni-heidelberg.de/en/eduroam URZ Eduroam (english)] |
[https://www.urz.uni-heidelberg.de/de/eduroam URZ Eduroam (deutsch)], [https://www.urz.uni-heidelberg.de/en/eduroam URZ Eduroam (english)] |
||
Important infos are also available here (login required): |
|||
https://portal.kip.uni-heidelberg.de/x2go |
|||
== Problems while updating eduroam certificates == |
== Problems while updating eduroam certificates == |
Revision as of 11:02, 6 June 2019
A manual for different operating systems is available from the URZ:
URZ Eduroam (deutsch), URZ Eduroam (english)
Problems while updating eduroam certificates
Windows
If no longer a connection to eduroam can be established you have to update the certificates by installing eduroam again. You can get the installation tool on Configuration Assistant Tool (CAT).
If it's not able to open a connection after updating the certificates, you have to delete the installed ones. The possibility to do this in Windows is opening the certificate manager "certmgr.msc". There you have to search the certificate "T-TeleSec GlobalRoot Class 2" and remove all that are not valid till 2033. And then also search for certificates from "DFN-Verein Global Issuing CA" and remove all which are not active till 2031.
Linux
For the installation on Linux you first download the installation script of the Universität Heidelberg from Configuration Assistant Tool (CAT) (it's a python script called "eduroam-linux-Universitat_Heidelberg-Standard_ab_2019.py"). After that remove the old profile by opening the configuration form of eduroam on the "NetworkManager" and clicking "forget connection". Then run the script with python.
-> Information page of URZ: auf deutsch, in english
eduroam über wpa_supplicant (Linux)
Hierzu gibt es eine Konfigurationsdatei:
File:Wpa supplicant.conf.txt
Die Datei sollte dann so aussehen:
# path to UNIX socket control interface ctrl_interface=/var/run/wpa_supplicant #eapol_version=1 ap_scan=1 network={ ssid="eduroam" key_mgmt=WPA-EAP eap=TTLS proto=WPA RSN identity="uni-id@uni-heidelberg.de" anonymous_identity="anonymous@uni-heidelberg.de" ca_cert="/etc/ssl/certs/Deutsche_Telekom_Root_CA_2.pem" phase2="auth=PAP" # Hier entweder das Klartext Passwort oder einen Hash davon (mkntpwd) password="xxxx" }
Abspeichern zum Beispiel unter dem Namen eduroam.conf.
Das ganze kann man dann Starten mit:
wpa_supplicant -B -i wlan0 /etc/wpa_supplicant/eduroam.conf
Falls der Daemon schon läuft dann mit folgendem Befehl beenden:
killall -15 wpa_supplicant