如何让 wpa_supplicant 接受 PEAP MSCHAPv2 的任何服务器证书,而不必手动将公钥放入客户端配置中?
答案1
只需不要在 wpa_supplicant.conf 文件中包含ca_cert
或标签/值对即可。ca_path
来自示例 wpa_supplicant.conf 文件。请注意第三句(重点是我的):
# ca_cert: File path to CA certificate file (PEM/DER). This file can have one # or more trusted CA certificates. If ca_cert and ca_path are not # included, server certificate will not be verified. This is insecure and # a trusted CA certificate should always be configured when using # EAP-TLS/TTLS/PEAP. Full path should be used since working directory may # change when wpa_supplicant is run in the background.