How to enable periodic reauthentication with wpa_supplicant

Question

I am using wpa_supplicant in an embedded box (running linux). The wpa_supplicant is working as expected but when the user certificate expires (only the user certificate and not the root certificate), the device is still running in network and not getting disconnected. It is getting disconnected only when i do "ifconfig eth0 down" followed by "ifconfig eth0 up". Is there a mechanism to validate the certificates periodically and if so how to do it.

wpa_supplicant configuration is as follows:

ctrl_interface=/var/run/wpa_supplicant
ctrl_interface_group=0
eapol_version=2
ap_scan=0
  network={
      ssid="YOUR-SSID"
      key_mgmt=IEEE8021X
      eap=PEAP
      identity="test"
      password="password"
      ca_cert="/etc/certs/cacert.pem"
      phase2="autheap=TLS"
      ca_cert2="/etc/certs/cacert.pem"
      private_key2="/etc/certs/test.pfx"
      private_key2_passwd="password"
      }

score 1 · Answer 1 · answered Mar 25 '16 at 08:03

1

Maybe a shell script can help you with this? Once you run the wpa_supplicant in -B flag, it's hard to cancel it but use 'kill' system call. So you might write a script like this: (For example)

run wpa_supplicant with -B
loop start
  sleep 100 && 
  if user certificate expires then kill wpa_supplicant && 
  reload wpa_supplicant
loop end

And the script will help you to kill and reload wpa_supplicant in a period of 100 second.

answered Mar 25 '16 at 08:03

X12koni

7
1

What does reload mean? Does re-starting wpa supplicant re-authenticate with the server? – Balajee May 18 '21 at 06:49

How to enable periodic reauthentication with wpa_supplicant

1 Answers1