Interworking: Update configuration file documentation for credentials

Signed-hostap: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2012-03-03 10:49:02 +02:00
parent 11e4f46a10
commit 400020cbe8

View File

@ -239,23 +239,87 @@ fast_reauth=1
# is enabled. # is enabled.
# hessid=00:11:22:33:44:55 # hessid=00:11:22:33:44:55
# Home Realm for Interworking # credential block
#home_realm=example.com #
# Each credential used for automatic network selection is configured as a set
# Username for Interworking network selection # of parameters that are compared to the information advertised by the APs when
#home_username=user # interworking_select and interworking_connect commands are used.
#
# Password for Interworking network selection # credential fields:
#home_password=secret #
# priority: Priority group
# CA certificate for Interworking network selection # By default, all networks and credentials get the same priority group
#home_ca_cert=/etc/cert/ca.pem # (0). This field can be used to give higher priority for credentials
# (and similarly in struct wpa_ssid for network blocks) to change the
# IMSI in <MCC> | <MNC> | '-' | <MSIN> format # Interworking automatic networking selection behavior. The matching
#home_imsi=232010000000000 # network (based on either an enabled network block or a credential)
# with the highest priority value will be selected.
# Milenage parameters for SIM/USIM simulator in <Ki>:<OPc>:<SQN> format #
#home_milenage=90dca4eda45b53cf0f12d7c9c3bc6a89:cb9cccc4b9258e6dca4760379fb82581:000000000123 # realm: Home Realm for Interworking
#
# username: Username for Interworking network selection
#
# password: Password for Interworking network selection
#
# ca_cert: CA certificate for Interworking network selection
#
# client_cert: File path to client certificate file (PEM/DER)
# This field is used with Interworking networking selection for a case
# where client certificate/private key is used for authentication
# (EAP-TLS). Full path to the file should be used since working
# directory may change when wpa_supplicant is run in the background.
#
# Alternatively, a named configuration blob can be used by setting
# this to blob://blob_name.
#
# private_key: File path to client private key file (PEM/DER/PFX)
# When PKCS#12/PFX file (.p12/.pfx) is used, client_cert should be
# commented out. Both the private key and certificate will be read
# from the PKCS#12 file in this case. Full path to the file should be
# used since working directory may change when wpa_supplicant is run
# in the background.
#
# Windows certificate store can be used by leaving client_cert out and
# configuring private_key in one of the following formats:
#
# cert://substring_to_match
#
# hash://certificate_thumbprint_in_hex
#
# For example: private_key="hash://63093aa9c47f56ae88334c7b65a4"
#
# Note that when running wpa_supplicant as an application, the user
# certificate store (My user account) is used, whereas computer store
# (Computer account) is used when running wpasvc as a service.
#
# Alternatively, a named configuration blob can be used by setting
# this to blob://blob_name.
#
# private_key_passwd: Password for private key file
#
# imsi: IMSI in <MCC> | <MNC> | '-' | <MSIN> format
#
# milenage: Milenage parameters for SIM/USIM simulator in <Ki>:<OPc>:<SQN>
# format
#
# domain: Home service provider FQDN
# This is used to compare against the Domain Name List to figure out
# whether the AP is operated by the Home SP.
#
# for example:
#
#cred={
# realm="example.com"
# username="user@example.com"
# password="password"
# ca_cert="/etc/wpa_supplicant/ca.pem"
# domain="example.com"
#}
#
#cred={
# imsi="310026-000000000"
# milenage="90dca4eda45b53cf0f12d7c9c3bc6a89:cb9cccc4b9258e6dca4760379fb82
#}
# network block # network block
# #