WPA2 Enterprise connection
Re: WPA2 Enterprise connection
Oh, I might know why some got it to work. Those that have it working, could you please confirm that instead of Arduino IDE https://github.com/espressif/arduino-esp32, you use the official ESP-IDF https://github.com/espressif/esp-idf?
"Ukranian computer engineer"
Re: WPA2 Enterprise connection
I have the same issue to connect the ESP32 to the WiFi using WPA2 Enterprise (PEAP). This connection does not use certificates, it just need the identity and password. The code I'm using is the one bellow:
The ESP32 gives the following error:
Code: Select all
/*
* This example shows how to use WPA2 enterprise
* Written by: Jeroen Beemster
* 12 July 2017
* Version 1.00
*/
#include "esp_wpa2.h"
#include <WiFi.h>
const char *ssid = "MySSID"; // The SSID
#define EAP_ID "MyID" // This is the identity, the email address in my network.
#define EAP_USERNAME "myUsername" // Tried with or without it, without success.
#define EAP_PASSWORD "MyPassword"
void setup()
{
Serial.begin(9600);
delay(10);
Serial.println();
Serial.print("Connecting to ");
Serial.println(ssid);
// WPA2 enterprise magic starts here
WiFi.disconnect(true);
esp_wifi_sta_wpa2_ent_set_identity((uint8_t *)EAP_ID, strlen(EAP_ID));
esp_wifi_sta_wpa2_ent_set_username((uint8_t *)EAP_USERNAME, strlen(EAP_USERNAME));
esp_wifi_sta_wpa2_ent_set_password((uint8_t *)EAP_PASSWORD, strlen(EAP_PASSWORD));
esp_wpa2_config_t config = WPA2_CONFIG_INIT_DEFAULT();
esp_wifi_sta_wpa2_ent_enable(&config);
// WPA2 enterprise magic ends here
delay(100);
WiFi.begin(ssid);
while (WiFi.status() != WL_CONNECTED)
{
delay(1000);
Serial.print(".");
}
Serial.println("");
Serial.println("WiFi connected");
Serial.println("IP address: ");
Serial.println(WiFi.localIP());
}
int value = 0;
const char *host = "lora.beemster.biz";
void loop()
{
delay(5000);
++value;
Serial.print("connecting to ");
Serial.println(host);
WiFiClient client;
if (!client.connect(host, 80))
{
Serial.println("connection failed");
return;
}
// We now create a URI for the request
String url = "/wpa2successmesage.php";
Serial.print("Requesting URL: ");
Serial.println(url);
// This will send the request to the server
client.print(String("GET ") + url + " HTTP/1.1\r\n" +
"Host: " + host + "\r\n" +
"Connection: close\r\n\r\n");
unsigned long timeout = millis();
while (client.available() == 0)
{
if (millis() - timeout > 5000)
{
Serial.println(">>> Client Timeout !");
client.stop();
return;
}
}
// Read all the lines of the reply from server and print them to Serial
while (client.available())
{
String line = client.readStringUntil('\r');
Serial.print(line);
}
Serial.println();
Serial.println("closing connection");
}
The ESP32 gives the following error:
Code: Select all
(1155) wpa: Method private structure allocated failure
-
- Posts: 45
- Joined: Wed Nov 15, 2017 9:07 pm
Re: WPA2 Enterprise connection
Unfortunately I am facing the same problem. I want my devices to connect to our corporate Wi-Fi that I don't have control over. I can connect with my Android phone with only Identity and Password (although I don't really know what android _really_ sends.
Unfortunately I lack the neccessary knowledge about WPA2 Enterprise to tell where the problem could be and what meaning those certificates and keys really have. I have tried without certificates and with the ones in the WPA2 example in case they are meant only as client side identification.
With the certificates I get:
Without them with only username, identity or both I get:
The MAC address in both cases is censored. Interstingly sometimes in the second case I don't get the "Private key not configure" but a loop with:
I also looked around if somebody else found a solution and have a little link collection:
Best regards,
Paul
Update:
I re-ran the example every log set to Verbose and with the WPA2 enterprise example there is the following error:
After that I removed the esp_wifi_sta_wpa2_ent_set_ca_cert because this can not match and get to the point:
I assume that "D (76281) wpa: TLSv1: Received alert 2:49" corresponds to https://tools.ietf.org/html/rfc5246#section-7.2: fatal - access_denied and that might be because "D (74031) wpa: TLSv1: Full client certificate chain not configured - validation may fail".
access_denied has the description:
I also tried to generate my own certificate with 2048 bit just in case. Could it be that the client certificate has to be referenced to the server CA?
Unfortunately I lack the neccessary knowledge about WPA2 Enterprise to tell where the problem could be and what meaning those certificates and keys really have. I have tried without certificates and with the ones in the WPA2 example in case they are meant only as client side identification.
With the certificates I get:
Code: Select all
I (268) wpa: WPA2 ENTERPRISE VERSION: [v2.0] enable
I (378) phy: phy_version: 3910, c0c45a3, May 21 2018, 18:07:06, 0, 0
I (378) wifi: mode : sta (xx:xx:xx:xx:xx:xx)
I (498) wifi: n:1 0, o:1 0, ap:255 255, sta:1 0, prof:1
I (1478) wifi: state: init -> auth (b0)
I (1488) wifi: state: auth -> assoc (0)
I (1518) wifi: state: assoc -> run (10)
I (1518) wpa: wpa2_task prio:2, stack:6656
I (1668) wpa: SSL: Need 2347 bytes more input data
I (1758) wpa: SSL: Need 1057 bytes more input data
I (2048) wpa: >>>>>wpa2 FIALED
I (2058) wpa: wpa2 task delete
Code: Select all
I (266) wpa: WPA2 ENTERPRISE VERSION: [v2.0] enable
I (376) phy: phy_version: 3910, c0c45a3, May 21 2018, 18:07:06, 0, 0
I (376) wifi: mode : sta (xx:xx:xx:xx:xx:xx)
I (506) wifi: n:1 0, o:1 0, ap:255 255, sta:1 0, prof:1
I (1476) wifi: state: init -> auth (b0)
I (1486) wifi: state: auth -> assoc (0)
I (1516) wifi: state: assoc -> run (10)
I (1516) wpa: wpa2_task prio:2, stack:6656
I (1596) wpa: EAP-TLS: Private key not configured
E (1596) wpa: Method private structure allocated failure
I (1636) wpa: >>>>>wpa2 FIALED
I (1646) wpa: wpa2 task delete
Code: Select all
I (232) wpa: WPA2 ENTERPRISE VERSION: [v2.0] enable
I (352) phy: phy_version: 3910, c0c45a3, May 21 2018, 18:07:06, 0, 0
I (352) wifi: mode : sta (xx:xx:xx:xx:xx:xx)
I (472) wifi: n:1 0, o:1 0, ap:255 255, sta:1 0, prof:1
I (1452) wifi: state: init -> auth (b0)
I (1452) wifi: state: auth -> assoc (0)
I (2462) wifi: state: assoc -> init (4)
I (2462) wifi: n:1 0, o:1 0, ap:255 255, sta:1 0, prof:1
I (2582) wifi: n:1 0, o:1 0, ap:255 255, sta:1 0, prof:1
I (2582) wifi: state: init -> auth (b0)
I (2582) wifi: state: auth -> assoc (0)
I (3582) wifi: state: assoc -> init (4)
I (3592) wifi: n:1 0, o:1 0, ap:255 255, sta:1 0, prof:1
I (3712) wifi: n:1 0, o:1 0, ap:255 255, sta:1 0, prof:1
I (3712) wifi: state: init -> auth (b0)
I (3732) wifi: state: auth -> assoc (0)
...
- https://github.com/espressif/esp-idf/issues/1297
- https://github.com/espressif/esp-idf/issues/1054
- https://github.com/espressif/esp-idf/issues/248
Optimal for me would be to connect without any certificate but if there is a way to extract this without access to the infrastructure (promiscious mode wifi?) it would also solve the problem. We will have >100 devices with ESP and would like to refrain from creating an additional wifi network.[...]I couldnt make it work without calling esp_wifi_sta_wpa2_ent_set_ca_cert (ie, once I added in esp_wifi_sta_wpa2_ent_set_ca_cert with the CA used in my authentication server's TLS Server Hello, it worked and wouldnt work without it). This might just be an older IDF thing as the IDF I am using is from a while ago, but still, it seems like its very easy to get the process to fail without a CA certificate. Reason seems to be that the client (ESP32) will send a TLS Alert telling the server that the server certificate was bad even if you call esp_wifi_sta_wpa2_ent_clear_ca_cert[...]
Best regards,
Paul
Update:
I re-ran the example every log set to Verbose and with the WPA2 enterprise example there is the following error:
Code: Select all
D (3002) wpa: X509: Did not find any of the issuers from the list of trusted certificates
D (3012) wpa: TLSv1: Server certificate chain validation failed (reason=6)
D (3022) wpa: TLSv1: Send Alert(2:48)
D (3022) wpa: SSL: 7 bytes left to be sent out (of total 7 bytes)
I (3102) wpa: >>>>>wpa2 FIALED
Code: Select all
D (74001) wpa: X509: Did not find any of the issuers from the list of trusted certificates
D (74001) wpa: X509: Certificate chain validation disabled - ignore unknown CA issue
D (74011) wpa: X509: Certificate chain valid
D (74021) wpa: TLSv1: Received CertificateRequest
D (74021) wpa: TLSv1: Received ServerHelloDone
D (74031) wpa: TLSv1: Send Certificate
D (74031) wpa: TLSv1: Full client certificate chain not configured - validation may fail
D (74041) wpa: TLSv1: Send ClientKeyExchange
D (74211) wpa: TLSv1: Send CertificateVerify
D (76101) wpa: TLSv1: Send ChangeCipherSpec
D (76101) wpa: TLSv1: Record Layer - New write cipher suite 0x0035
D (76101) wpa: TLSv1: Send Finished
D (76101) wpa: SSL: 1458 bytes left to be sent out (of total 1458 bytes)
D (76111) wpa: SSL: sending 1400 bytes, more fragments will follow
D (76211) wpa: SSL: Received packet(len=6) - Flags 0x00
D (76211) wpa: SSL: 58 bytes left to be sent out (of total 1458 bytes)
D (76281) wpa: SSL: Received packet(len=17) - Flags 0x80
D (76281) wpa: SSL: TLS Message Length: 7
D (76281) wpa: TLSv1: Received content type 21 version 3.1 length 2
D (76281) wpa: TLSv1: Received alert 2:49
D (76291) wpa: SSL: No data to be sent out
D (76291) wpa: SSL: Building ACK (type=13 id=8 ver=0)
I (76371) wpa: >>>>>wpa2 FIALED
D (76371) wpa: TLSv1: Selected cipher suite: 0x0000
D (76371) wpa: TLSv1: Record Layer - New write cipher suite 0x0000
D (76371) wpa: TLSv1: Record Layer - New read cipher suite 0x0000
I (76391) wpa: wpa2 task delete
access_denied has the description:
Update 2:A valid certificate was received, but when access control was
applied, the sender decided not to proceed with negotiation. This
message is always fatal.
I also tried to generate my own certificate with 2048 bit just in case. Could it be that the client certificate has to be referenced to the server CA?
-
- Posts: 1
- Joined: Fri Aug 10, 2018 6:54 pm
Re: WPA2 Enterprise connection
Hello,
In my case my university uses "eduroam" WPA2 Enterprise, TTLS, no certificate, MSCHAPv2(no EAP)
and I was able to connect using the code below. I had to insert the WiFi.mode(WIFI_STA); otherwise my ESP32 would reset with Guru meditation..
// eduroam WPA2 Enterprise, TTLS, no certificate, MSCHAPv2(no EAP)
#include "esp_wpa2.h"
#include <WiFi.h>
#define EAP_IDENTITY "jonny" // ID eg: "jonny" not jonny@univ.xx
#define EAP_PASSWORD "passwd"
#define MENOPC "ESP32 Board"
String line;
const char* ssid = "eduroam";
WiFiClient client;
void setup() {
Serial.begin(115200);
delay(10);
Serial.println();
Serial.println(ssid);
WiFi.disconnect(true);
WiFi.mode(WIFI_STA);
esp_wifi_sta_wpa2_ent_set_identity((uint8_t *)EAP_IDENTITY, strlen(EAP_IDENTITY));
esp_wifi_sta_wpa2_ent_set_username((uint8_t *)EAP_IDENTITY, strlen(EAP_IDENTITY));
esp_wifi_sta_wpa2_ent_set_password((uint8_t *)EAP_PASSWORD, strlen(EAP_PASSWORD));
esp_wpa2_config_t config = WPA2_CONFIG_INIT_DEFAULT();
esp_wifi_sta_wpa2_ent_enable(&config);
Serial.println("MAC address: ");
Serial.println(WiFi.macAddress());
WiFi.begin(ssid);
while (WiFi.status() != WL_CONNECTED) {
delay(500);
Serial.print(".");
}
Serial.println("");
Serial.println("IP address: ");
Serial.println(WiFi.localIP());
}
void loop() {
while (client.available()) {
char c = client.read();
Serial.write(c);
}
if (!client.connected()) {
if (client.connect("my-site", 3000)) {
client.println("GET /sensores?temperatura=123&id=ESP32 HTTP/1.1");
client.println("Connection: close");
client.println();
delay(2000);
}
}
}
In my case my university uses "eduroam" WPA2 Enterprise, TTLS, no certificate, MSCHAPv2(no EAP)
and I was able to connect using the code below. I had to insert the WiFi.mode(WIFI_STA); otherwise my ESP32 would reset with Guru meditation..
// eduroam WPA2 Enterprise, TTLS, no certificate, MSCHAPv2(no EAP)
#include "esp_wpa2.h"
#include <WiFi.h>
#define EAP_IDENTITY "jonny" // ID eg: "jonny" not jonny@univ.xx
#define EAP_PASSWORD "passwd"
#define MENOPC "ESP32 Board"
String line;
const char* ssid = "eduroam";
WiFiClient client;
void setup() {
Serial.begin(115200);
delay(10);
Serial.println();
Serial.println(ssid);
WiFi.disconnect(true);
WiFi.mode(WIFI_STA);
esp_wifi_sta_wpa2_ent_set_identity((uint8_t *)EAP_IDENTITY, strlen(EAP_IDENTITY));
esp_wifi_sta_wpa2_ent_set_username((uint8_t *)EAP_IDENTITY, strlen(EAP_IDENTITY));
esp_wifi_sta_wpa2_ent_set_password((uint8_t *)EAP_PASSWORD, strlen(EAP_PASSWORD));
esp_wpa2_config_t config = WPA2_CONFIG_INIT_DEFAULT();
esp_wifi_sta_wpa2_ent_enable(&config);
Serial.println("MAC address: ");
Serial.println(WiFi.macAddress());
WiFi.begin(ssid);
while (WiFi.status() != WL_CONNECTED) {
delay(500);
Serial.print(".");
}
Serial.println("");
Serial.println("IP address: ");
Serial.println(WiFi.localIP());
}
void loop() {
while (client.available()) {
char c = client.read();
Serial.write(c);
}
if (!client.connected()) {
if (client.connect("my-site", 3000)) {
client.println("GET /sensores?temperatura=123&id=ESP32 HTTP/1.1");
client.println("Connection: close");
client.println();
delay(2000);
}
}
}
Re: WPA2 Enterprise connection
PaulFreund, I am having exactly the same issue you've faced. Unfortunately, I don't have a lot of experience with enterprise WPA2 as well. Have you found any solution so far? Network I'm trying to connect to has been set up (not by me) with the following how-to:
https://www.cisco.com/c/en/us/support/d ... g-000.html
I was trying to find out a way to control certificate request/checking on the server side (that's probably what's causing the problem) but haven't succeeded so far.
https://www.cisco.com/c/en/us/support/d ... g-000.html
I was trying to find out a way to control certificate request/checking on the server side (that's probably what's causing the problem) but haven't succeeded so far.
Thanks,
--yuri
--yuri
-
- Posts: 45
- Joined: Wed Nov 15, 2017 9:07 pm
Re: WPA2 Enterprise connection
Hello Fabio,fabio.rocha wrote:Hello,
In my case my university uses "eduroam" WPA2 Enterprise, TTLS, no certificate, MSCHAPv2(no EAP)
and I was able to connect using the code below. I had to insert the WiFi.mode(WIFI_STA); otherwise my ESP32 would reset with Guru meditation..
unfortunately this does not work for me with the latest ESP-IDF (I replicated the Wifi.mode function from the arduino sdk). Can you set all logs to maximum and provide them? This would mean that you successfully connected to a Wifi without a certificate. This was one of my main question because I can connect to our WPA2 Enterprise network with my Android phone but not the ESP and I thought it might be that the Android creates a self signed certificate or something. With your example I get:
Code: Select all
I (1671) wpa: EAP-TLS: Private key not configured
E (1671) wpa: Method private structure allocated failure
I (1901) wpa: >>>>>wpa2 FAILED
EDIT: At least the following two issues seem to be related too:
https://github.com/espressif/esp-idf/issues/2152
https://github.com/espressif/esp-idf/issues/1297
Re: WPA2 Enterprise connection
One idea for troubleshooting is to use something like Kali Linux to monitor the conversation between the Radius and ESP32 to gain a better understanding of the problem. I would imagine there's a way to filter the wireless interactions and narrow them down to just the conversation involving the ESP32. Let me know if I'm wrong, -- I'll try to learn Kali Linux for this sole purpose.
"Ukranian computer engineer"
-
- Posts: 45
- Joined: Wed Nov 15, 2017 9:07 pm
Re: WPA2 Enterprise connection
Hi RavenHawk, this is what I am planning too, what you will need is a wifi interface that supports monitor mode and then use Wireshark for capturing. Kali Linux is a good point to start.
Edit: I've ordereed a Alfa Network AWUS036NHA because of it's monitor mode and injection capabilities
Edit: I've ordereed a Alfa Network AWUS036NHA because of it's monitor mode and injection capabilities
-
- Posts: 45
- Joined: Wed Nov 15, 2017 9:07 pm
Re: WPA2 Enterprise connection
This pull request solves my issue and I can connect to my WPA2 Enterprise network now https://github.com/espressif/esp-idf/pull/2354
Re: WPA2 Enterprise connection
Oh, so this pull uses the ESP-IDF libraries ( https://github.com/espressif/esp-idf/pull/2354 ). I am using the Arduino IDE with the latest Arduino-ESP32 libraries: https://github.com/espressif/arduino-esp32
Is there a way to make this work whilst using the Arduino-ESP32 1.0.0 Libraries? If not, does that mean I have to completely switch and learn to use ESP-IDF or is it possible to just #include a few files and be able to use them alongside the native <WiFi.h> library like I did below?
If there is no way to make the above code work, is there a way to make the wpa2_enterprise_main.c example work in Arduino IDE? (Shown below):
Is there a way to make this work whilst using the Arduino-ESP32 1.0.0 Libraries? If not, does that mean I have to completely switch and learn to use ESP-IDF or is it possible to just #include a few files and be able to use them alongside the native <WiFi.h> library like I did below?
Code: Select all
#include <WiFi.h>
#include "esp_wpa2.h"
const char* ssid = "SSID";
#define EAP_ID "ID"
#define EAP_USERNAME "USERNAME"
#define EAP_PASSWORD "PASSWORD"
void setup() {
Serial.begin(115200);
delay(10);
Serial.println();
Serial.print("Connecting to ");
Serial.println(ssid);
// WPA2 enterprise magic starts here
WiFi.disconnect(true);
//wifi_auth_mode_t(WIFI_AUTH_WPA2_ENTERPRISE);
esp_wpa2_config_t config = WPA2_CONFIG_INIT_DEFAULT();
esp_wifi_sta_wpa2_ent_set_identity((uint8_t *)EAP_ID, strlen(EAP_ID));
esp_wifi_sta_wpa2_ent_set_username((uint8_t *)EAP_USERNAME, strlen(EAP_USERNAME));
esp_wifi_sta_wpa2_ent_set_password((uint8_t *)EAP_PASSWORD, strlen(EAP_PASSWORD));
esp_wifi_sta_wpa2_ent_enable(&config);
// WPA2 enterprise magic ends here
WiFi.begin(ssid);
while (WiFi.status() != WL_CONNECTED) {
delay(500);
Serial.print(".");
}
Serial.println("");
Serial.println("WiFi connected");
Serial.println("IP address: ");
Serial.println(WiFi.localIP());
}
void loop ()
{
}
Code: Select all
/* WiFi Connection Example using WPA2 Enterprise
*
* Original Copyright (C) 2006-2016, ARM Limited, All Rights Reserved, Apache 2.0 License.
* Additions Copyright (C) Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD, Apache 2.0 License.
*
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include <string.h>
#include <stdlib.h>
#include "freertos/FreeRTOS.h"
#include "freertos/task.h"
#include "freertos/event_groups.h"
#include "esp_wifi.h"
#include "esp_wpa2.h"
#include "esp_event_loop.h"
#include "esp_log.h"
#include "esp_system.h"
#include "nvs_flash.h"
#include "tcpip_adapter.h"
/* The examples use simple WiFi configuration that you can set via
'make menuconfig'.
If you'd rather not, just change the below entries to strings with
the config you want - ie #define EXAMPLE_WIFI_SSID "mywifissid"
You can choose EAP method via 'make menuconfig' according to the
configuration of AP.
*/
#define EXAMPLE_WIFI_SSID "SSID"
#define EXAMPLE_EAP_METHOD 1
#define EXAMPLE_EAP_ID "ID"
#define EXAMPLE_EAP_USERNAME "USERNAME"
#define EXAMPLE_EAP_PASSWORD "PASSWORD"
/* FreeRTOS event group to signal when we are connected & ready to make a request */
static EventGroupHandle_t wifi_event_group;
/* The event group allows multiple bits for each event,
but we only care about one event - are we connected
to the AP with an IP? */
const int CONNECTED_BIT = BIT0;
/* Constants that aren't configurable in menuconfig */
#define EAP_PEAP 1
#define EAP_TTLS 2
static const char *TAG = "example";
/* CA cert, taken from wpa2_ca.pem
Client cert, taken from wpa2_client.crt
Client key, taken from wpa2_client.key
The PEM, CRT and KEY file were provided by the person or organization
who configured the AP with wpa2 enterprise.
To embed it in the app binary, the PEM, CRT and KEY file is named
in the component.mk COMPONENT_EMBED_TXTFILES variable.
*/
extern uint8_t ca_pem_start[] asm("_binary_wpa2_ca_pem_start");
extern uint8_t ca_pem_end[] asm("_binary_wpa2_ca_pem_end");
extern uint8_t client_crt_start[] asm("_binary_wpa2_client_crt_start");
extern uint8_t client_crt_end[] asm("_binary_wpa2_client_crt_end");
extern uint8_t client_key_start[] asm("_binary_wpa2_client_key_start");
extern uint8_t client_key_end[] asm("_binary_wpa2_client_key_end");
static esp_err_t event_handler(void *ctx, system_event_t *event)
{
switch(event->event_id) {
case SYSTEM_EVENT_STA_START:
esp_wifi_connect();
break;
case SYSTEM_EVENT_STA_GOT_IP:
xEventGroupSetBits(wifi_event_group, CONNECTED_BIT);
break;
case SYSTEM_EVENT_STA_DISCONNECTED:
esp_wifi_connect();
xEventGroupClearBits(wifi_event_group, CONNECTED_BIT);
break;
default:
break;
}
return ESP_OK;
}
static void initialise_wifi(void)
{
unsigned int ca_pem_bytes = ca_pem_end - ca_pem_start;
unsigned int client_crt_bytes = client_crt_end - client_crt_start;
unsigned int client_key_bytes = client_key_end - client_key_start;
esp_wpa2_config_t config = WPA2_CONFIG_INIT_DEFAULT();
tcpip_adapter_init();
wifi_event_group = xEventGroupCreate();
ESP_ERROR_CHECK( esp_event_loop_init(event_handler, NULL) );
wifi_init_config_t cfg = WIFI_INIT_CONFIG_DEFAULT();
ESP_ERROR_CHECK( esp_wifi_init(&cfg) );
ESP_ERROR_CHECK( esp_wifi_set_storage(WIFI_STORAGE_RAM) );
wifi_config_t wifi_config = {
.sta = {
.ssid = EXAMPLE_WIFI_SSID,
}
};
ESP_LOGI(TAG, "Setting WiFi configuration SSID %s...", wifi_config.sta.ssid);
ESP_ERROR_CHECK( esp_wifi_set_mode(WIFI_MODE_STA) );
ESP_ERROR_CHECK( esp_wifi_set_config(ESP_IF_WIFI_STA, &wifi_config) );
ESP_ERROR_CHECK( esp_wifi_sta_wpa2_ent_set_ca_cert(ca_pem_start, ca_pem_bytes) );
ESP_ERROR_CHECK( esp_wifi_sta_wpa2_ent_set_cert_key(client_crt_start, client_crt_bytes,\
client_key_start, client_key_bytes, NULL, 0) );
ESP_ERROR_CHECK( esp_wifi_sta_wpa2_ent_set_identity((uint8_t *)EXAMPLE_EAP_ID, strlen(EXAMPLE_EAP_ID)) );
if (EXAMPLE_EAP_METHOD == EAP_PEAP || EXAMPLE_EAP_METHOD == EAP_TTLS) {
ESP_ERROR_CHECK( esp_wifi_sta_wpa2_ent_set_username((uint8_t *)EXAMPLE_EAP_USERNAME, strlen(EXAMPLE_EAP_USERNAME)) );
ESP_ERROR_CHECK( esp_wifi_sta_wpa2_ent_set_password((uint8_t *)EXAMPLE_EAP_PASSWORD, strlen(EXAMPLE_EAP_PASSWORD)) );
}
ESP_ERROR_CHECK( esp_wifi_sta_wpa2_ent_enable(&config) );
ESP_ERROR_CHECK( esp_wifi_start() );
}
static void wpa2_enterprise_example_task(void *pvParameters)
{
tcpip_adapter_ip_info_t ip;
memset(&ip, 0, sizeof(tcpip_adapter_ip_info_t));
vTaskDelay(2000 / portTICK_PERIOD_MS);
while (1) {
vTaskDelay(2000 / portTICK_PERIOD_MS);
if (tcpip_adapter_get_ip_info(ESP_IF_WIFI_STA, &ip) == 0) {
ESP_LOGI(TAG, "~~~~~~~~~~~");
ESP_LOGI(TAG, "IP:"IPSTR, IP2STR(&ip.ip));
ESP_LOGI(TAG, "MASK:"IPSTR, IP2STR(&ip.netmask));
ESP_LOGI(TAG, "GW:"IPSTR, IP2STR(&ip.gw));
ESP_LOGI(TAG, "~~~~~~~~~~~");
}
}
}
void setup()
{
ESP_ERROR_CHECK( nvs_flash_init() );
initialise_wifi();
xTaskCreate(&wpa2_enterprise_example_task, "wpa2_enterprise_example_task", 4096, NULL, 5, NULL);
}
void loop ()
{
}
"Ukranian computer engineer"
Who is online
Users browsing this forum: No registered users and 91 guests