Can't get WPA2 Enterprise (EAP-TLS) to connect to wifi AP using nrf5340/nrf7002/NCS2.9.0

I am trying to get the wifi stack to connect to a wifi AP using WAP2 Enterprise (initially just with identity and eap_password, later with full ca_certificate check and client certificate).

We have a custom PCB with nrf5340, nrf7002, and an application built with NCS2.9.0.

The code will connect ok when using WPA2-PSK and WPA3-SAE, but doesn't manage to connect using WPA2-EAP-TLS?

To try to determine why, I have enabled WPA2-Enterprise connection in the wifi-sta sample but this doesn't connect either.

wifi-sta prj.conf file:

4300.prj.conf

The connection setup code is like this:

static int __wifi_params_wpa2eap(struct wifi_connect_req_params *params)
{

    params->timeout =  CONFIG_STA_CONN_TIMEOUT_SEC * MSEC_PER_SEC;

    if (params->timeout == 0) {
        params->timeout = SYS_FOREVER_MS;
    }

    /* Defaults */
    params->band = WIFI_FREQ_BAND_UNKNOWN;
    params->channel = WIFI_CHANNEL_ANY;
    params->security = WIFI_SECURITY_TYPE_NONE;
    params->mfp = WIFI_MFP_OPTIONAL;

    /* SSID */
    params->ssid =STA_SSID;
    params->ssid_length = strlen(params->ssid);

    params->security = WIFI_SECURITY_TYPE_EAP_TLS;
    params->eap_identity = STA_IDENTITY;        //"cc2-004a";
    params->eap_id_length = strlen(params->eap_identity);
    params->eap_password = STA_PASSWORD;
    params->eap_passwd_length = strlen(params->eap_password);

    return 0;
}
Is this correct to set up a WPA2 EAP-TLS connection?
btw my wifi AP is a HP 505H using an internal database for EAP user lookup.
The debug output from wpa_supplient during the connection attempt:
[00:00:00.470,855] <inf> sta: Starting cc2v1 with CPU frequency: 64 MHz
[00:00:00.471,038] <dbg> wpa_supp: wpa_printf_impl: wpa_supplicant v2.11-devel
[00:00:00.471,252] <inf> wifi_supplicant: wpa_supplicant initialized
[00:00:00.471,618] <dbg> wifi_supplicant: add_interface: Adding interface wlan0 [1] (0x200019b8)
[00:00:00.471,710] <dbg> wpa_supp: wpa_printf_impl: Calling wpa_cli: interface_add, argc: 5
[00:00:00.471,771] <dbg> wpa_supp: wpa_printf_impl: argv[0]: interface_add
[00:00:00.471,832] <dbg> wpa_supp: wpa_printf_impl: argv[1]: wlan0
[00:00:00.471,862] <dbg> wpa_supp: wpa_printf_impl: argv[2]: zephyr
[00:00:00.471,893] <dbg> wpa_supp: wpa_printf_impl: argv[3]: zephyr
[00:00:00.471,954] <dbg> wpa_supp: wpa_printf_impl: argv[4]: zephyr
[00:00:00.472,320] <dbg> wpa_supp: wpa_printf_impl: RX global ctrl_iface - hexdump_ascii(len=71):
[00:00:00.472,351] <dbg> wpa_supp: _wpa_hexdump_ascii:
49 4e 54 45 52 46 41 43 45 5f 41 44 44 20 77 6c |INTERFAC E_ADD wl
61 6e 30 09 7a 65 70 68 79 72 09 7a 65 70 68 79 |an0.zeph yr.zephy
72 09 7a 65 70 68 79 72 09 09 09 09 20 77 6c 61 |r.zephyr .... wla
6e 30 20 7a 65 70 68 79 72 20 7a 65 70 68 79 72 |n0 zephy r zephyr
20 7a 65 70 68 79 72 | zephyr
[00:00:00.472,412] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE GLOBAL INTERFACE_ADD 'wlan0 zephyr zephyr zephyr wlan0 zephyr zephyr zephyr'
[00:00:00.472,534] <dbg> wpa_supp: wpa_printf_impl: Initializing interface 'wlan0' conf 'zephyr' driver 'zephyr' ctrl_interface 'zephyr' bridge 'N/A'
[00:00:00.474,517] <dbg> wpa_supp: wpa_printf_impl: Add interface wlan0 to a new radio N/A
[00:00:00.477,966] <dbg> wpa_supp: wpa_printf_impl: wpa_supp: Added 802.11b mode based on 802.11g information
[00:00:00.478,179] <dbg> wpa_supp: wpa_printf_impl: l2_packet_init: iface wlan0 ifindex 1
[00:00:00.478,332] <dbg> wpa_supp: wpa_printf_impl: wlan0: Own MAC address: f0:ce:37:00:00:4a
[00:00:00.478,485] <dbg> wpa_supp: wpa_printf_impl: _wpa_drv_zep_set_key: priv:0x2000a450 alg 0 addr 0x0 key_idx 0 set_tx 0 seq 0x0 seq_len 0 key 0x0 key_len 0 key_flag 10
[00:00:00.482,025] <dbg> wpa_supp: wpa_printf_impl: _wpa_drv_zep_set_key: priv:0x2000a450 alg 0 addr 0x0 key_idx 1 set_tx 0 seq 0x0 seq_len 0 key 0x0 key_len 0 key_flag 10
[00:00:00.484,344] <dbg> wpa_supp: wpa_printf_impl: _wpa_drv_zep_set_key: priv:0x2000a450 alg 0 addr 0x0 key_idx 2 set_tx 0 seq 0x0 seq_len 0 key 0x0 key_len 0 key_flag 10
[00:00:00.486,663] <dbg> wpa_supp: wpa_printf_impl: _wpa_drv_zep_set_key: priv:0x2000a450 alg 0 addr 0x0 key_idx 3 set_tx 0 seq 0x0 seq_len 0 key 0x0 key_len 0 key_flag 10
[00:00:00.488,983] <dbg> wpa_supp: wpa_printf_impl: _wpa_drv_zep_set_key: priv:0x2000a450 alg 0 addr 0x0 key_idx 4 set_tx 0 seq 0x0 seq_len 0 key 0x0 key_len 0 key_flag 10
[00:00:00.492,675] <dbg> wpa_supp: wpa_printf_impl: _wpa_drv_zep_set_key: priv:0x2000a450 alg 0 addr 0x0 key_idx 5 set_tx 0 seq 0x0 seq_len 0 key 0x0 key_len 0 key_flag 10
[00:00:00.494,964] <dbg> wpa_supp: wpa_printf_impl: wlan0: RSN: flushing PMKID list in the driver
[00:00:00.495,086] <dbg> wpa_supp: wpa_printf_impl: wlan0: State: DISCONNECTED -> INACTIVE
[00:00:00.557,220] <dbg> wpa_supp: wpa_printf_impl: EAPOL: SUPP_PAE entering state DISCONNECTED
[00:00:00.557,281] <dbg> wpa_supp: wpa_printf_impl: EAPOL: Supplicant port status: Unauthorized
[00:00:00.567,687] <dbg> wpa_supp: wpa_printf_impl: EAPOL: KEY_RX entering state NO_KEY_RECEIVE
[00:00:00.567,749] <dbg> wpa_supp: wpa_printf_impl: EAPOL: SUPP_BE entering state INITIALIZE
[00:00:00.567,779] <dbg> wpa_supp: wpa_printf_impl: EAP: EAP entering state DISABLED
[00:00:00.568,145] <dbg> wpa_supp: wpa_printf_impl: wlan0: Added interface wlan0
[00:00:00.568,267] <dbg> wpa_supp: wpa_printf_impl: wlan0: State: INACTIVE -> DISCONNECTED
[00:00:01.471,008] <dbg> wpa_supp: wpa_printf_impl: Calling wpa_cli: remove_network, argc: 2
[00:00:01.471,069] <dbg> wpa_supp: wpa_printf_impl: argv[0]: remove_network
[00:00:01.471,099] <dbg> wpa_supp: wpa_printf_impl: argv[1]: all
[00:00:01.471,466] <dbg> wpa_supp: wpa_printf_impl: wlan0: Control interface command 'REMOVE_NETWORK all'
[00:00:01.471,557] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: REMOVE_NETWORK all
[00:00:01.472,076] <dbg> wpa_supp: wpa_printf_impl: wlan0: Control interface command 'ADD_NETWORK'
[00:00:01.472,167] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: ADD_NETWORK
[00:00:01.472,656] <dbg> wpa_supp: wpa_printf_impl: Received len: 26, msg_len:26 - CTRL-EVENT-NETWORK-ADDED 0->END
[00:00:01.473,022] <dbg> wpa_supp: wpa_printf_impl: NET added: 0
[00:00:01.473,114] <dbg> wpa_supp: wpa_printf_impl: Calling wpa_cli: set_network, argc: 4
[00:00:01.473,175] <dbg> wpa_supp: wpa_printf_impl: argv[0]: set_network
[00:00:01.473,205] <dbg> wpa_supp: wpa_printf_impl: argv[1]: 0
[00:00:01.473,266] <dbg> wpa_supp: wpa_printf_impl: argv[2]: ssid
[00:00:01.473,297] <dbg> wpa_supp: wpa_printf_impl: argv[3]: "kiosk_wpa2_ent"
[00:00:01.473,693] <dbg> wpa_supp: wpa_printf_impl: wlan0: Control interface command 'SET_NETWORK [REMOVED]'
[00:00:01.473,815] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: SET_NETWORK id=0 name='ssid'
[00:00:01.473,876] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: value - hexdump_ascii(len=16): [REMOVED]
[00:00:01.473,968] <dbg> wpa_supp: wpa_printf_impl: ssid - hexdump_ascii(len=14):
[00:00:01.473,999] <dbg> wpa_supp: _wpa_hexdump_ascii:
6b 69 6f 73 6b 5f 77 70 61 32 5f 65 6e 74 |kiosk_wp a2_ent
[00:00:01.474,273] <dbg> wpa_supp: wpa_printf_impl: Calling wpa_cli: set_network, argc: 4
[00:00:01.474,304] <dbg> wpa_supp: wpa_printf_impl: argv[0]: set_network
[00:00:01.474,365] <dbg> wpa_supp: wpa_printf_impl: argv[1]: 0
[00:00:01.474,395] <dbg> wpa_supp: wpa_printf_impl: argv[2]: scan_ssid
[00:00:01.474,456] <dbg> wpa_supp: wpa_printf_impl: argv[3]: 1
[00:00:01.474,822] <dbg> wpa_supp: wpa_printf_impl: wlan0: Control interface command 'SET_NETWORK [REMOVED]'
[00:00:01.474,975] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: SET_NETWORK id=0 name='scan_ssid'
[00:00:01.475,036] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: value - hexdump_ascii(len=1): [REMOVED]
[00:00:01.475,097] <dbg> wpa_supp: wpa_printf_impl: scan_ssid=1 (0x1)
[00:00:01.475,372] <dbg> wpa_supp: wpa_printf_impl: Calling wpa_cli: set_network, argc: 4
[00:00:01.475,402] <dbg> wpa_supp: wpa_printf_impl: argv[0]: set_network
[00:00:01.475,463] <dbg> wpa_supp: wpa_printf_impl: argv[1]: 0
[00:00:01.475,494] <dbg> wpa_supp: wpa_printf_impl: argv[2]: key_mgmt
[00:00:01.475,524] <dbg> wpa_supp: wpa_printf_impl: argv[3]: NONE
[00:00:01.475,921] <dbg> wpa_supp: wpa_printf_impl: wlan0: Control interface command 'SET_NETWORK [REMOVED]'
[00:00:01.476,043] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: SET_NETWORK id=0 name='key_mgmt'
[00:00:01.476,104] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: value - hexdump_ascii(len=4): [REMOVED]
[00:00:01.476,196] <dbg> wpa_supp: wpa_printf_impl: key_mgmt: 0x4
[00:00:01.476,501] <dbg> wpa_supp: wpa_printf_impl: Calling wpa_cli: set_network, argc: 4
[00:00:01.476,531] <dbg> wpa_supp: wpa_printf_impl: argv[0]: set_network
[00:00:01.476,593] <dbg> wpa_supp: wpa_printf_impl: argv[1]: 0
[00:00:01.476,623] <dbg> wpa_supp: wpa_printf_impl: argv[2]: ieee80211w
[00:00:01.476,654] <dbg> wpa_supp: wpa_printf_impl: argv[3]: 0
[00:00:01.477,050] <dbg> wpa_supp: wpa_printf_impl: wlan0: Control interface command 'SET_NETWORK [REMOVED]'
[00:00:01.477,172] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: SET_NETWORK id=0 name='ieee80211w'
[00:00:01.477,233] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: value - hexdump_ascii(len=1): [REMOVED]
[00:00:01.477,386] <dbg> wpa_supp: wpa_printf_impl: ieee80211w=0 (0x0)
[00:00:01.477,661] <dbg> wpa_supp: wpa_printf_impl: Calling wpa_cli: set_network, argc: 4
[00:00:01.477,722] <dbg> wpa_supp: wpa_printf_impl: argv[0]: set_network
[00:00:01.477,752] <dbg> wpa_supp: wpa_printf_impl: argv[1]: 0
[00:00:01.477,813] <dbg> wpa_supp: wpa_printf_impl: argv[2]: proto
[00:00:01.477,844] <dbg> wpa_supp: wpa_printf_impl: argv[3]: RSN
[00:00:01.478,210] <dbg> wpa_supp: wpa_printf_impl: wlan0: Control interface command 'SET_NETWORK [REMOVED]'
[00:00:01.478,363] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: SET_NETWORK id=0 name='proto'
[00:00:01.478,424] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: value - hexdump_ascii(len=3): [REMOVED]
[00:00:01.478,485] <dbg> wpa_supp: wpa_printf_impl: proto: 0x2
[00:00:01.478,790] <dbg> wpa_supp: wpa_printf_impl: Calling wpa_cli: set_network, argc: 4
[00:00:01.478,820] <dbg> wpa_supp: wpa_printf_impl: argv[0]: set_network
[00:00:01.478,881] <dbg> wpa_supp: wpa_printf_impl: argv[1]: 0
[00:00:01.478,912] <dbg> wpa_supp: wpa_printf_impl: argv[2]: key_mgmt
[00:00:01.478,973] <dbg> wpa_supp: wpa_printf_impl: argv[3]: WPA-EAP
[00:00:01.479,339] <dbg> wpa_supp: wpa_printf_impl: wlan0: Control interface command 'SET_NETWORK [REMOVED]'
[00:00:01.479,492] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: SET_NETWORK id=0 name='key_mgmt'
[00:00:01.479,553] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: value - hexdump_ascii(len=7): [REMOVED]
[00:00:01.479,644] <dbg> wpa_supp: wpa_printf_impl: key_mgmt: 0x1
[00:00:01.479,919] <dbg> wpa_supp: wpa_printf_impl: Calling wpa_cli: set, argc: 3
[00:00:01.479,949] <dbg> wpa_supp: wpa_printf_impl: argv[0]: set
[00:00:01.480,010] <dbg> wpa_supp: wpa_printf_impl: argv[1]: openssl_ciphers
[00:00:01.480,041] <dbg> wpa_supp: wpa_printf_impl: argv[2]: "DEFAULT:!EXP:!LOW"
[00:00:01.480,438] <dbg> wpa_supp: wpa_printf_impl: wlan0: Control interface command 'SET openssl_ciphers "DEFAULT:!EXP:!LOW"'
[00:00:01.480,529] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE SET 'openssl_ciphers'='"DEFAULT:!EXP:!LOW"'
[00:00:01.480,651] <dbg> wpa_supp: wpa_printf_impl: openssl_ciphers='"DEFAULT:!EXP:!LOW"'
[00:00:01.480,926] <dbg> wpa_supp: wpa_printf_impl: Calling wpa_cli: set_network, argc: 4
[00:00:01.480,987] <dbg> wpa_supp: wpa_printf_impl: argv[0]: set_network
[00:00:01.481,018] <dbg> wpa_supp: wpa_printf_impl: argv[1]: 0
[00:00:01.481,048] <dbg> wpa_supp: wpa_printf_impl: argv[2]: group
[00:00:01.481,109] <dbg> wpa_supp: wpa_printf_impl: argv[3]: CCMP
[00:00:01.481,475] <dbg> wpa_supp: wpa_printf_impl: wlan0: Control interface command 'SET_NETWORK [REMOVED]'
[00:00:01.481,628] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: SET_NETWORK id=0 name='group'
[00:00:01.481,689] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: value - hexdump_ascii(len=4): [REMOVED]
[00:00:01.481,781] <dbg> wpa_supp: wpa_printf_impl: group: 0x10
[00:00:01.482,055] <dbg> wpa_supp: wpa_printf_impl: Calling wpa_cli: set_network, argc: 4
[00:00:01.482,116] <dbg> wpa_supp: wpa_printf_impl: argv[0]: set_network
[00:00:01.482,147] <dbg> wpa_supp: wpa_printf_impl: argv[1]: 0
[00:00:01.482,177] <dbg> wpa_supp: wpa_printf_impl: argv[2]: pairwise
[00:00:01.482,238] <dbg> wpa_supp: wpa_printf_impl: argv[3]: CCMP
[00:00:01.482,604] <dbg> wpa_supp: wpa_printf_impl: wlan0: Control interface command 'SET_NETWORK [REMOVED]'
[00:00:01.482,757] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: SET_NETWORK id=0 name='pairwise'
[00:00:01.482,818] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: value - hexdump_ascii(len=4): [REMOVED]
[00:00:01.482,910] <dbg> wpa_supp: wpa_printf_impl: pairwise: 0x10
[00:00:01.483,184] <dbg> wpa_supp: wpa_printf_impl: Calling wpa_cli: set_network, argc: 4
[00:00:01.483,245] <dbg> wpa_supp: wpa_printf_impl: argv[0]: set_network
[00:00:01.483,276] <dbg> wpa_supp: wpa_printf_impl: argv[1]: 0
[00:00:01.483,306] <dbg> wpa_supp: wpa_printf_impl: argv[2]: group_mgmt
[00:00:01.483,367] <dbg> wpa_supp: wpa_printf_impl: argv[3]: AES-128-CMAC
[00:00:01.483,734] <dbg> wpa_supp: wpa_printf_impl: wlan0: Control interface command 'SET_NETWORK [REMOVED]'
[00:00:01.483,917] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: SET_NETWORK id=0 name='group_mgmt'
[00:00:01.483,978] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: value - hexdump_ascii(len=12): [REMOVED]
[00:00:01.484,069] <dbg> wpa_supp: wpa_printf_impl: group_mgmt: 0x20
[00:00:01.484,375] <dbg> wpa_supp: wpa_printf_impl: Calling wpa_cli: set_network, argc: 4
[00:00:01.484,405] <dbg> wpa_supp: wpa_printf_impl: argv[0]: set_network
[00:00:01.484,466] <dbg> wpa_supp: wpa_printf_impl: argv[1]: 0
[00:00:01.484,497] <dbg> wpa_supp: wpa_printf_impl: argv[2]: proto
[00:00:01.484,527] <dbg> wpa_supp: wpa_printf_impl: argv[3]: RSN
[00:00:01.484,924] <dbg> wpa_supp: wpa_printf_impl: wlan0: Control interface command 'SET_NETWORK [REMOVED]'
[00:00:01.485,076] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: SET_NETWORK id=0 name='proto'
[00:00:01.485,137] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: value - hexdump_ascii(len=3): [REMOVED]
[00:00:01.485,443] <dbg> wpa_supp: wpa_printf_impl: Calling wpa_cli: set_network, argc: 4
[00:00:01.485,504] <dbg> wpa_supp: wpa_printf_impl: argv[0]: set_network
[00:00:01.485,534] <dbg> wpa_supp: wpa_printf_impl: argv[1]: 0
[00:00:01.485,565] <dbg> wpa_supp: wpa_printf_impl: argv[2]: eap
[00:00:01.485,626] <dbg> wpa_supp: wpa_printf_impl: argv[3]: TLS
[00:00:01.486,022] <dbg> wpa_supp: wpa_printf_impl: wlan0: Control interface command 'SET_NETWORK [REMOVED]'
[00:00:01.486,145] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: SET_NETWORK id=0 name='eap'
[00:00:01.486,206] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: value - hexdump_ascii(len=3): [REMOVED]
[00:00:01.486,511] <dbg> wpa_supp: wpa_printf_impl: eap methods - hexdump(len=16): 00 00 00 00 0d 00 00 00 00 00 00 00 00 00 00 00
[00:00:01.486,846] <dbg> wpa_supp: wpa_printf_impl: Calling wpa_cli: set_network, argc: 4
[00:00:01.486,877] <dbg> wpa_supp: wpa_printf_impl: argv[0]: set_network
[00:00:01.486,938] <dbg> wpa_supp: wpa_printf_impl: argv[1]: 0
[00:00:01.486,968] <dbg> wpa_supp: wpa_printf_impl: argv[2]: identity
[00:00:01.486,999] <dbg> wpa_supp: wpa_printf_impl: argv[3]: "cc2-004a"
[00:00:01.487,396] <dbg> wpa_supp: wpa_printf_impl: wlan0: Control interface command 'SET_NETWORK [REMOVED]'
[00:00:01.487,548] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: SET_NETWORK id=0 name='identity'
[00:00:01.487,609] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: value - hexdump_ascii(len=10): [REMOVED]
[00:00:01.487,701] <dbg> wpa_supp: wpa_printf_impl: identity - hexdump_ascii(len=8):
[00:00:01.487,731] <dbg> wpa_supp: _wpa_hexdump_ascii:
63 63 32 2d 30 30 34 61 |cc2-004a
[00:00:01.488,037] <dbg> wpa_supp: wpa_printf_impl: Calling wpa_cli: set_network, argc: 4
[00:00:01.488,067] <dbg> wpa_supp: wpa_printf_impl: argv[0]: set_network
[00:00:01.488,128] <dbg> wpa_supp: wpa_printf_impl: argv[1]: 0
[00:00:01.488,159] <dbg> wpa_supp: wpa_printf_impl: argv[2]: password
[00:00:01.488,220] <dbg> wpa_supp: wpa_printf_impl: argv[3]: "infrafon-2022"
[00:00:01.488,616] <dbg> wpa_supp: wpa_printf_impl: wlan0: Control interface command 'SET_NETWORK [REMOVED]'
[00:00:01.488,739] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: SET_NETWORK id=0 name='password'
[00:00:01.488,800] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: value - hexdump_ascii(len=15): [REMOVED]
[00:00:01.488,922] <dbg> wpa_supp: wpa_printf_impl: password - hexdump_ascii(len=13): [REMOVED]
[00:00:01.489,227] <dbg> wpa_supp: wpa_printf_impl: Calling wpa_cli: set_network, argc: 4
[00:00:01.489,257] <dbg> wpa_supp: wpa_printf_impl: argv[0]: set_network
[00:00:01.489,318] <dbg> wpa_supp: wpa_printf_impl: argv[1]: 0
[00:00:01.489,349] <dbg> wpa_supp: wpa_printf_impl: argv[2]: anonymous_identity
[00:00:01.489,410] <dbg> wpa_supp: wpa_printf_impl: argv[3]: "(null)"
[00:00:01.489,776] <dbg> wpa_supp: wpa_printf_impl: wlan0: Control interface command 'SET_NETWORK [REMOVED]'
[00:00:01.489,929] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: SET_NETWORK id=0 name='anonymous_identity'
[00:00:01.489,990] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: value - hexdump_ascii(len=8): [REMOVED]
[00:00:01.490,081] <dbg> wpa_supp: wpa_printf_impl: anonymous_identity - hexdump_ascii(len=6):
[00:00:01.490,112] <dbg> wpa_supp: _wpa_hexdump_ascii:
28 6e 75 6c 6c 29 |(null)
[00:00:01.490,356] <inf> sta: Connection requested
[00:00:01.490,417] <inf> sta: ==================
[00:00:01.490,447] <inf> sta: State: DISCONNECTED
[00:00:01.568,054] <dbg> wpa_supp: wpa_printf_impl: EAPOL: disable timer tick
[00:00:01.790,557] <inf> sta: ==================
What else should my code do to get this to work?
Thanks!
Parents
  • Hi,

    I recommend updating to nRF Connect SDK v3.0.0 or later, as that version has some improvements regarding Wi-Fi enterprise.

    Additionally, Wi-Fi enterprise requires X.509 certificates. If you are not providing this, it might explain why it does not work. I recommend taking a look at Wi-Fi Enterprise test: X.509 Certificate management in our documentation. Please note that run time certificates are only supported in v3.0.0 and later.

    Did you enable Wi-Fi enterprise mode in prj.conf?

    CONFIG_WIFI_NM_WPA_SUPPLICANT_CRYPTO_ENTERPRISE=y

    I recommend testing the Wi-Fi shell sample with enterprise mode, as described in Build the nRF70 Series DK for Shell sample with Enterprise mode, to verify that you can get enterprise mode to work with your AP and board.

    Best regards,
    Marte

  • I recommend updating to nRF Connect SDK v3.0.0 or later, as that version has some improvements regarding Wi-Fi enterprise.

    Ok, but that update broke my WPA-PSK operation... 

     Update to NCS3.0.0 broke wifi WPA2-PSK connect? 

    Maybe you can shed some light on that?

    Did you enable Wi-Fi enterprise mode in prj.conf?

    Fullscreen
    1
    CONFIG_WIFI_NM_WPA_SUPPLICANT_CRYPTO_ENTERPRISE=y
    XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

    I recommend testing the Wi-Fi shell sample with enterprise mode, as described in Build the nRF70 Series DK for Shell sample with Enterprise mode, to verify that you can get enterprise mode to work with your AP and board.

    Yes, thats exactly what I was trying to do but using the (simpler) wifi sta sample, see prj.conf as included above.

    wifi-sta prj.conf file:

    4300.prj.conf

    Additionally, Wi-Fi enterprise requires X.509 certificates. If you are not providing this, it might explain why it does not work. I recommend taking a look at Wi-Fi Enterprise test: X.509 Certificate management in our documentation. Please note that run time certificates are only supported in v3.0.0 and later.

    Ok... I see the wifi shell example, but its all using command lines to setup the connection. Do you have a C code connection params setup example (like my setup code above, but that does the certificate setup as well?)

    thanks

  • Please note that run time certificates are only supported in v3.0.0 and later.

    Do you mean in the shell sample?

    Anyway, I have updated the code to set the rootCA for the Radius server, and the client certificate, key and key password.

    Certificates (static in the code for now) : PEM format

    static char _ca_cert[] = "-----BEGIN CERTIFICATE-----"
    "MIIDdzCCAl+gAwIBAgIUSPHDcjKwnzJwpPNKqqJ9CZ6z8y0wDQYJKoZIhvcNAQEL"
    "BQAwSzELMAkGA1UEBhMCRlIxEjAQBgNVBAgMCUZpbmlzdGVyZTERMA8GA1UECgwI"
    "SW5mcmFmb24xFTATBgNVBAMMDGluZnJhZm9uLmNvbTAeFw0yNTA2MDMwODU5MzRa"
    "Fw0yNTA3MDMwODU5MzRaMEsxCzAJBgNVBAYTAkZSMRIwEAYDVQQIDAlGaW5pc3Rl"
    "cmUxETAPBgNVBAoMCEluZnJhZm9uMRUwEwYDVQQDDAxpbmZyYWZvbi5jb20wggEi"
    "MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIsfqHWTOvEbipYL/ReZGcuYZ/"
    "QTtzdqZvOUE10121QDM9yCIEN1xzcq16Dlfs+HmrXSFmHSZhMK2xrnd59DzuyDq5"
    "snQg2BPfEJUqxDJg+ON055j57GXp8dUKZrCY9VSZa17jtJHYThYZpUoxqDjFlWvO"
    "Shqcw/9rkf3z+/6nCF1uNV7vwife4mo1okY4SNUuxPBiEhZBZOg6d5Ydb0fxsxYj"
    "qMN+vu3ELHPnHzzcEMzY/iA5qahPigACbm4NwXRrfdvTFfcqgJ43WWZr9FLlj3TO"
    "5BX1HHYRerI+MhPIK/PJmQbbJy4VC91Z414XJElXAya5myMmwd8qDFc9NQqRAgMB"
    "AAGjUzBRMB0GA1UdDgQWBBSNNMZnwGIr73sGUr5ZcccVGkD3LTAfBgNVHSMEGDAW"
    "gBSNNMZnwGIr73sGUr5ZcccVGkD3LTAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3"
    "DQEBCwUAA4IBAQBOyrJ2iQpkycm0gsL+Z/Ueu3BA1sUGUC3cbIeluuPybzmsjTrA"
    "dqnaymJJbcRz+Ge39VpZpeVrQO5IwVLAWrzg2Vyyyv5uOdf2VjakfUlneAF0U+zK"
    "nZaaaLdwjj93wV14U+8JGF1Lb6Q41+fjQ5eIF/1OtV4gI8G9qQ46TwTsR+DSkKol"
    "Z/5AOWkg4TarfKzghS7O6llwV+mfwXKQtsQbGQVhscXKRsAVPE/OaqkYCSXgLRTf"
    "5pcYCeRky/fhUJV6BKy4VLac40u5luKOGSjNV4Ycnqr0o4vIexuPCKw21cCpGqnk"
    "11Y85cQqpF2DzU7gFW/ovVGl2ygcjjjeVg3V"
    "-----END CERTIFICATE-----"
    "";
    static char _client_cert[] = "-----BEGIN CERTIFICATE-----"
    "MIIDKDCCAhACFA36ysYJv6exm5n1jADbn3MLNCyrMA0GCSqGSIb3DQEBCwUAMEsx"
    "CzAJBgNVBAYTAkZSMRIwEAYDVQQIDAlGaW5pc3RlcmUxETAPBgNVBAoMCEluZnJh"
    "Zm9uMRUwEwYDVQQDDAxpbmZyYWZvbi5jb20wHhcNMjUwNjAzMDkxMDA5WhcNMjUw"
    "NzAzMDkxMDA5WjBWMQswCQYDVQQGEwJGUjESMBAGA1UECAwJRmluaXN0ZXJlMREw"
    "DwYDVQQKDAhJbmZyYWZvbjENMAsGA1UECwwEVGVzdDERMA8GA1UEAwwIY2MyLTAw"
    "NGEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7bN5Jy8kx7z3LU/qH"
    "IO1+QR/hjtx3sHQKp4ni6m+Mqv/PElxWEaxx8D3NThMmftGvDEbkDaV1G10KZODL"
    "maY0ExsUnaTewgk+nBs0rMfsJnbhxMBiaFstHYKPsqAF4JtvdKfTN05BkHDDHULI"
    "5N5DXP2Orty2Lh5866JfNywmDbcamDrbp1TcpJL7atc7ukrkPwZZU0tA9YAnkeYj"
    "sd9R/TUNA7UEo7wb4a+r+xiv+ECrzK5KJz+icYgQPbF52PFVrJX8rG/PrSqZGsr9"
    "XhWoZF7MzlmYRmqZijbB0khVHFn0x5lsXYyQL+5AXeoF/SbPFC65/qLdWTZSXWrr"
    "5RFdAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAIai4nNCWtX+94jeX00a36qUffPW"
    "+neYi3aVZU9xestlvLhjhSf9bU5MO7w8JnRQaIzd2jh3NV+Ab4Yizrn7Zmr3bARY"
    "VPs1Uswf2HHoS5YIJqF/us6Px1wljNWi7hspyPpwFKPIWMXvMfAO4ZT+5mQ7ksYR"
    "aS3MuervINOwa166Sb64JgwQ9bWabKX14Wj03/VrVIkxzVzQjVsFFEH9abepao7w"
    "WQhxl3Sl+dFHH0IuGMC2cABhW69EynsF7LxvKZwFhgksVblHubOg6Ekq2KI79Mj8"
    "Su1KG4PXt8UX0scIn2Z8amxIHj+t2jz5+IYw0MDPHYtBMm9MPZkOBqmG1bk="
    "-----END CERTIFICATE-----"
    "";

    static char _client_key[] = "-----BEGIN RSA PRIVATE KEY-----"
    "Proc-Type: 4,ENCRYPTED"
    "DEK-Info: DES-EDE3-CBC,5BD79331E8C31EE0"
    ""
    "dBjnzKTP9Ww1RSJYxgExTmMvPKb2iWPjNw6tYbzXS+LrvecHZ7rhb9zUq3Giouwq"
    "PJ0Hv2XC8gzWqHvcaXHNytOYlvPzVMJqeoK3HRgTJi5v4ywBj73/Q9uKXPOQ1sFY"
    "N81ZJjIBDuGk0xMtlP4UJ6qGXrgEUzo/HgXN0mtdqDt8OFiVq9J1PztiYBCn0vpj"
    "VYBnwPCkBF/nngxMPKjsbWhFRXnANkwWluRI+R2fH+JjrYEars2LVThidWjCx3ej"
    "9Y9Ih9yE217/+ONWBDCgjs8Dh+rgMnvMsA13siwLfyXRfZvoC0Lymt17dvsDiaAc"
    "FTDB9gNtUh7ZnNoQ/7outlgcn9cRTAHVjq2dG5qO5KBwFCmU5RYBGK1uu43lpuL/"
    "08pGvCwJ7u4UCoLjk7Q68kAcBqCmqPX3Y9Qk4zgVMeXOeiA969t4VbNaUNq2ri2q"
    "fxH0Lbl34b3FGt/F9j9bCYdYak0V0846bC8jCOT5dMwz05bBvG1+5Erw2NCk9k2L"
    "B9ovTQeLdchFoJNrl9nPkh0ipxvtlyzyJLvKjJ0RGJJytkAbI173+OM7cQgsq1uz"
    "iOrY/f/cKEzyltpISZfARPmpzh/HflIGiiqpsv//0ITIl2X40RyNBXU7iTVKoMob"
    "4yuNDVQCoOXjyosJ6rir9Ou39BWY0qiY5njyXHrannMmjCeN9xcIztEN1TF1m6+Z"
    "znqhkc8e+fQlPIVNM15wH+WEw5egZSUWMDU3g8AsxiLxiRe/zdTnpXe+0hbAH4s+"
    "7iYes1/yD2p0rOTAh3Sg0htBXnUUK6M/OXTtcantG1SmwvENSV13rPXsTTnPhgIl"
    "GdGg/jGjW23iU6ztEkKEO/2v5+5wFNmFFrDAY5Pl3jElnoFwEnnA/n8ndCfboB+r"
    "wQJYrrU8WP1BsaEFrdU/yZuHqfO9Z3fFG/BqPUTe9MGksJF921ID3fDTdeo8RGY3"
    "leuDjiXRISgEc8a7BE0NYnkNnMMkKNkfa0zbgRJMg9NfJjNh+MsvesDUexwEgUOK"
    "2eRvVuXcyhFZ+SyN3ijY7EmGAGgCMI9FEQ+HbOZa+nQeUw1Rks8vZPYHPdHPYfac"
    "Hn+DyGZ4tpeMFEIzdjennEwEQj7uW7kB5eZvWp7kTpXbxZMI785ZGnS2Pfe1V9v5"
    "y6+PGvuBvkSdIKwtQDXyAd8WdnjVmBpfb/kFbpWqC8PytPr1bsMd6YPyaNo6pP/8"
    "fLmZ103gO5PFYathFRCV2/W/xsjunvLC1jt+og6iSzxzboFDhpO6Y2M6RsTjhk4c"
    "ybKfNt0UbLH5LW1+XYdqdLGSecefe6NBq/OWxkhXs9Om79Sv1+1qPoajVe+oIB2B"
    "MxcR78V8eE3OoymAT7mWAqiGokukFtMEaHbtkZtjBOEkLvVdiSG6y4uS2c6yE/e0"
    "chLwuCNgIa+uoHVh5Osc70RlRbhfkxzR3rkZxDeniIxCokO6iIi12l357mja2TM0"
    "uE8D2QMc16nvg9IsFy7bMc5Ehf6TSEmAfDhHTGDmpEEK/lEqIUSH0QeGVXh8w6ge"
    "Viy3qzpFg9ddjGIXl2TJt8nrWMqdMFvZMrHGKXRKujXLsctEB5FbeQ=="
    "-----END RSA PRIVATE KEY-----"
    "";
     
        struct wifi_enterprise_creds_params enterprise_creds_params={0};
        enterprise_creds_params.ca_cert = _ca_cert;
        enterprise_creds_params.ca_cert_len = sizeof(_ca_cert);
        enterprise_creds_params.client_cert = _client_cert;
        enterprise_creds_params.client_cert_len = sizeof(_client_cert);
        enterprise_creds_params.client_key = _client_key;
        enterprise_creds_params.client_key_len = sizeof(_client_key);
       
        int retreq = net_mgmt(NET_REQUEST_WIFI_ENTERPRISE_CREDS, iface, &enterprise_creds_params, sizeof(struct wifi_enterprise_creds_params));
        if (retreq!=0) {
            LOG_ERR("Failed to set Wi-Fi enterprise credentials: %d\n", retreq);
            return false;
        }
        LOG_INF("Wi-Fi enterprise credentials loaded and configured.");

    Params setup:

        params->timeout =  CONFIG_STA_CONN_TIMEOUT_SEC * MSEC_PER_SEC;

        if (params->timeout == 0) {
            params->timeout = SYS_FOREVER_MS;
        }

        /* Defaults */
        params->band = WIFI_FREQ_BAND_UNKNOWN;
        params->channel = WIFI_CHANNEL_ANY;
        params->security = WIFI_SECURITY_TYPE_NONE;
        params->mfp = WIFI_MFP_OPTIONAL;

        /* SSID */
        params->ssid =STA_SSID;
        params->ssid_length = strlen(params->ssid);

        params->security = WIFI_SECURITY_TYPE_EAP_TLS;
        params->key_passwd = STA_KEY_PASS;
        params->key_passwd_length = strlen(params->key_passwd);
        params->eap_identity = STA_IDENTITY;        //"cc2-004a";
        params->eap_id_length = strlen(params->eap_identity);
        params->eap_password = STA_PASSWORD;
        params->eap_passwd_length = strlen(params->eap_password);
     
    [is the eap_password used, and for what?]
    The logs show all this being sent to the wpa_supp via the cli, apparently without any errors when I do the connect request:
        if (net_mgmt(NET_REQUEST_WIFI_CONNECT, iface,
                 &cnx_params, sizeof(struct wifi_connect_req_params))) {
            LOG_ERR("Connection request failed");

            return -ENOEXEC;
        }

        LOG_INF("Connection requested");
    But following the request I never get anything else and the status remains as DISCONNECTED....
    [00:00:00.256,561] <inf> wifi_nrf_bus: SPIM spi@a000: freq = 24 MHz
    [00:00:00.256,591] <inf> wifi_nrf_bus: SPIM spi@a000: latency = 1
    *** Booting nRF Connect SDK v2.9.0-7787b2649840 ***
    *** Using Zephyr OS v3.7.99-1f8f3dc29142 ***
    [00:00:00.470,520] <inf> sta: Starting cc2v1 with CPU frequency: 64 MHz
    [00:00:00.470,703] <dbg> wpa_supp: wpa_printf_impl: wpa_supplicant v2.11-devel
    [00:00:00.470,916] <inf> wifi_supplicant: wpa_supplicant initialized
    [00:00:00.471,313] <dbg> wifi_supplicant: add_interface: Adding interface wlan0 [1] (0x200029b0)
    [00:00:00.471,405] <dbg> wpa_supp: wpa_printf_impl: Calling wpa_cli: interface_add, argc: 5
    [00:00:00.471,435] <dbg> wpa_supp: wpa_printf_impl: argv[0]: interface_add
    [00:00:00.471,496] <dbg> wpa_supp: wpa_printf_impl: argv[1]: wlan0
    [00:00:00.471,527] <dbg> wpa_supp: wpa_printf_impl: argv[2]: zephyr
    [00:00:00.471,588] <dbg> wpa_supp: wpa_printf_impl: argv[3]: zephyr
    [00:00:00.471,618] <dbg> wpa_supp: wpa_printf_impl: argv[4]: zephyr
    [00:00:00.471,984] <dbg> wpa_supp: wpa_printf_impl: RX global ctrl_iface - hexdump_ascii(len=71):
    [00:00:00.472,015] <dbg> wpa_supp: _wpa_hexdump_ascii:
                                       49 4e 54 45 52 46 41 43  45 5f 41 44 44 20 77 6c |INTERFAC E_ADD wl
                                       61 6e 30 09 7a 65 70 68  79 72 09 7a 65 70 68 79 |an0.zeph yr.zephy
                                       72 09 7a 65 70 68 79 72  09 09 09 09 20 77 6c 61 |r.zephyr .... wla
                                       6e 30 20 7a 65 70 68 79  72 20 7a 65 70 68 79 72 |n0 zephy r zephyr
                                       20 7a 65 70 68 79 72                             | zephyr
    [00:00:00.472,076] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE GLOBAL INTERFACE_ADD 'wlan0      zephyr  zephyr  zephyr                           wlan0 zephyr zephyr zephyr'
    [00:00:00.472,229] <dbg> wpa_supp: wpa_printf_impl: Initializing interface 'wlan0' conf 'zephyr' driver 'zephyr' ctrl_interface 'zephyr' bridge 'N/A'
    [00:00:00.474,090] <dbg> wpa_supp: wpa_printf_impl: Add interface wlan0 to a new radio N/A
    [00:00:00.477,447] <dbg> wpa_supp: wpa_printf_impl: wpa_supp: Added 802.11b mode based on 802.11g information
    [00:00:00.477,630] <dbg> wpa_supp: wpa_printf_impl: l2_packet_init: iface wlan0 ifindex 1
    [00:00:00.477,813] <dbg> wpa_supp: wpa_printf_impl: wlan0: Own MAC address: f0:ce:37:00:00:4a
    [00:00:00.477,935] <dbg> wpa_supp: wpa_printf_impl: _wpa_drv_zep_set_key: priv:0x2000b448 alg 0 addr 0x0 key_idx 0 set_tx 0 seq 0x0 seq_len 0 key 0x0 key_len 0 key_flag 10
    [00:00:00.481,414] <dbg> wpa_supp: wpa_printf_impl: _wpa_drv_zep_set_key: priv:0x2000b448 alg 0 addr 0x0 key_idx 1 set_tx 0 seq 0x0 seq_len 0 key 0x0 key_len 0 key_flag 10
    [00:00:00.483,612] <dbg> wpa_supp: wpa_printf_impl: _wpa_drv_zep_set_key: priv:0x2000b448 alg 0 addr 0x0 key_idx 2 set_tx 0 seq 0x0 seq_len 0 key 0x0 key_len 0 key_flag 10
    [00:00:00.485,809] <dbg> wpa_supp: wpa_printf_impl: _wpa_drv_zep_set_key: priv:0x2000b448 alg 0 addr 0x0 key_idx 3 set_tx 0 seq 0x0 seq_len 0 key 0x0 key_len 0 key_flag 10
    [00:00:00.487,976] <dbg> wpa_supp: wpa_printf_impl: _wpa_drv_zep_set_key: priv:0x2000b448 alg 0 addr 0x0 key_idx 4 set_tx 0 seq 0x0 seq_len 0 key 0x0 key_len 0 key_flag 10
    [00:00:00.490,051] <dbg> wpa_supp: wpa_printf_impl: _wpa_drv_zep_set_key: priv:0x2000b448 alg 0 addr 0x0 key_idx 5 set_tx 0 seq 0x0 seq_len 0 key 0x0 key_len 0 key_flag 10
    [00:00:00.493,469] <dbg> wpa_supp: wpa_printf_impl: wlan0: RSN: flushing PMKID list in the driver
    [00:00:00.493,591] <dbg> wpa_supp: wpa_printf_impl: wlan0: State: DISCONNECTED -> INACTIVE
    [00:00:00.555,755] <dbg> wpa_supp: wpa_printf_impl: EAPOL: SUPP_PAE entering state DISCONNECTED
    [00:00:00.555,786] <dbg> wpa_supp: wpa_printf_impl: EAPOL: Supplicant port status: Unauthorized
    [00:00:00.566,650] <dbg> wpa_supp: wpa_printf_impl: EAPOL: KEY_RX entering state NO_KEY_RECEIVE
    [00:00:00.566,711] <dbg> wpa_supp: wpa_printf_impl: EAPOL: SUPP_BE entering state INITIALIZE
    [00:00:00.566,741] <dbg> wpa_supp: wpa_printf_impl: EAP: EAP entering state DISABLED
    [00:00:00.567,138] <dbg> wpa_supp: wpa_printf_impl: wlan0: Added interface wlan0
    [00:00:00.567,260] <dbg> wpa_supp: wpa_printf_impl: wlan0: State: INACTIVE -> DISCONNECTED
    [00:00:01.470,581] <inf> sta: Wi-Fi enterprise credentials loaded and configured.
    [00:00:01.470,703] <dbg> wpa_supp: wpa_printf_impl: Calling wpa_cli: remove_network, argc: 2
    [00:00:01.470,733] <dbg> wpa_supp: wpa_printf_impl: argv[0]: remove_network
    [00:00:01.470,764] <dbg> wpa_supp: wpa_printf_impl: argv[1]: all
    [00:00:01.471,130] <dbg> wpa_supp: wpa_printf_impl: wlan0: Control interface command 'REMOVE_NETWORK all'
    [00:00:01.471,252] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: REMOVE_NETWORK all
    [00:00:01.471,740] <dbg> wpa_supp: wpa_printf_impl: wlan0: Control interface command 'ADD_NETWORK'
    [00:00:01.471,862] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: ADD_NETWORK
    [00:00:01.472,351] <dbg> wpa_supp: wpa_printf_impl: Received len: 26, msg_len:26 - CTRL-EVENT-NETWORK-ADDED 0->END
    [00:00:01.472,717] <dbg> wpa_supp: wpa_printf_impl: NET added: 0
    [00:00:01.472,808] <dbg> wpa_supp: wpa_printf_impl: Calling wpa_cli: set_network, argc: 4
    [00:00:01.472,839] <dbg> wpa_supp: wpa_printf_impl: argv[0]: set_network
    [00:00:01.472,900] <dbg> wpa_supp: wpa_printf_impl: argv[1]: 0
    [00:00:01.472,930] <dbg> wpa_supp: wpa_printf_impl: argv[2]: ssid
    [00:00:01.472,991] <dbg> wpa_supp: wpa_printf_impl: argv[3]: "kiosk_wpa2_ent"
    [00:00:01.473,358] <dbg> wpa_supp: wpa_printf_impl: wlan0: Control interface command 'SET_NETWORK [REMOVED]'
    [00:00:01.473,510] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: SET_NETWORK id=0 name='ssid'
    [00:00:01.473,571] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: value - hexdump_ascii(len=16): [REMOVED]
    [00:00:01.473,663] <dbg> wpa_supp: wpa_printf_impl: ssid - hexdump_ascii(len=14):
    [00:00:01.473,663] <dbg> wpa_supp: _wpa_hexdump_ascii:
                                       6b 69 6f 73 6b 5f 77 70  61 32 5f 65 6e 74       |kiosk_wp a2_ent
    [00:00:01.473,937] <dbg> wpa_supp: wpa_printf_impl: Calling wpa_cli: set_network, argc: 4
    [00:00:01.473,999] <dbg> wpa_supp: wpa_printf_impl: argv[0]: set_network
    [00:00:01.474,029] <dbg> wpa_supp: wpa_printf_impl: argv[1]: 0
    [00:00:01.474,090] <dbg> wpa_supp: wpa_printf_impl: argv[2]: scan_ssid
    [00:00:01.474,121] <dbg> wpa_supp: wpa_printf_impl: argv[3]: 1
    [00:00:01.474,517] <dbg> wpa_supp: wpa_printf_impl: wlan0: Control interface command 'SET_NETWORK [REMOVED]'
    [00:00:01.474,639] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: SET_NETWORK id=0 name='scan_ssid'
    [00:00:01.474,700] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: value - hexdump_ascii(len=1): [REMOVED]
    [00:00:01.474,761] <dbg> wpa_supp: wpa_printf_impl: scan_ssid=1 (0x1)
    [00:00:01.475,036] <dbg> wpa_supp: wpa_printf_impl: Calling wpa_cli: set_network, argc: 4
    [00:00:01.475,097] <dbg> wpa_supp: wpa_printf_impl: argv[0]: set_network
    [00:00:01.475,128] <dbg> wpa_supp: wpa_printf_impl: argv[1]: 0
    [00:00:01.475,189] <dbg> wpa_supp: wpa_printf_impl: argv[2]: key_mgmt
    [00:00:01.475,219] <dbg> wpa_supp: wpa_printf_impl: argv[3]: NONE
    [00:00:01.475,616] <dbg> wpa_supp: wpa_printf_impl: wlan0: Control interface command 'SET_NETWORK [REMOVED]'
    [00:00:01.475,738] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: SET_NETWORK id=0 name='key_mgmt'
    [00:00:01.475,799] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: value - hexdump_ascii(len=4): [REMOVED]
    [00:00:01.475,891] <dbg> wpa_supp: wpa_printf_impl: key_mgmt: 0x4
    [00:00:01.476,165] <dbg> wpa_supp: wpa_printf_impl: Calling wpa_cli: set_network, argc: 4
    [00:00:01.476,226] <dbg> wpa_supp: wpa_printf_impl: argv[0]: set_network
    [00:00:01.476,257] <dbg> wpa_supp: wpa_printf_impl: argv[1]: 0
    [00:00:01.476,287] <dbg> wpa_supp: wpa_printf_impl: argv[2]: ieee80211w
    [00:00:01.476,348] <dbg> wpa_supp: wpa_printf_impl: argv[3]: 0
    [00:00:01.476,715] <dbg> wpa_supp: wpa_printf_impl: wlan0: Control interface command 'SET_NETWORK [REMOVED]'
    [00:00:01.476,867] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: SET_NETWORK id=0 name='ieee80211w'
    [00:00:01.476,928] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: value - hexdump_ascii(len=1): [REMOVED]
    [00:00:01.477,081] <dbg> wpa_supp: wpa_printf_impl: ieee80211w=0 (0x0)
    [00:00:01.477,355] <dbg> wpa_supp: wpa_printf_impl: Calling wpa_cli: set_network, argc: 4
    [00:00:01.477,386] <dbg> wpa_supp: wpa_printf_impl: argv[0]: set_network
    [00:00:01.477,447] <dbg> wpa_supp: wpa_printf_impl: argv[1]: 0
    [00:00:01.477,478] <dbg> wpa_supp: wpa_printf_impl: argv[2]: proto
    [00:00:01.477,539] <dbg> wpa_supp: wpa_printf_impl: argv[3]: RSN
    [00:00:01.477,905] <dbg> wpa_supp: wpa_printf_impl: wlan0: Control interface command 'SET_NETWORK [REMOVED]'
    [00:00:01.478,057] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: SET_NETWORK id=0 name='proto'
    [00:00:01.478,118] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: value - hexdump_ascii(len=3): [REMOVED]
    [00:00:01.478,179] <dbg> wpa_supp: wpa_printf_impl: proto: 0x2
    [00:00:01.478,485] <dbg> wpa_supp: wpa_printf_impl: Calling wpa_cli: set_network, argc: 4
    [00:00:01.478,515] <dbg> wpa_supp: wpa_printf_impl: argv[0]: set_network
    [00:00:01.478,546] <dbg> wpa_supp: wpa_printf_impl: argv[1]: 0
    [00:00:01.478,607] <dbg> wpa_supp: wpa_printf_impl: argv[2]: key_mgmt
    [00:00:01.478,637] <dbg> wpa_supp: wpa_printf_impl: argv[3]: WPA-EAP
    [00:00:01.479,034] <dbg> wpa_supp: wpa_printf_impl: wlan0: Control interface command 'SET_NETWORK [REMOVED]'
    [00:00:01.479,156] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: SET_NETWORK id=0 name='key_mgmt'
    [00:00:01.479,217] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: value - hexdump_ascii(len=7): [REMOVED]
    [00:00:01.479,309] <dbg> wpa_supp: wpa_printf_impl: key_mgmt: 0x1
    [00:00:01.479,583] <dbg> wpa_supp: wpa_printf_impl: Calling wpa_cli: set, argc: 3
    [00:00:01.479,644] <dbg> wpa_supp: wpa_printf_impl: argv[0]: set
    [00:00:01.479,675] <dbg> wpa_supp: wpa_printf_impl: argv[1]: openssl_ciphers
    [00:00:01.479,736] <dbg> wpa_supp: wpa_printf_impl: argv[2]: "DEFAULT:!EXP:!LOW"
    [00:00:01.480,133] <dbg> wpa_supp: wpa_printf_impl: wlan0: Control interface command 'SET openssl_ciphers "DEFAULT:!EXP:!LOW"'
    [00:00:01.480,224] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE SET 'openssl_ciphers'='"DEFAULT:!EXP:!LOW"'
    [00:00:01.480,346] <dbg> wpa_supp: wpa_printf_impl: openssl_ciphers='"DEFAULT:!EXP:!LOW"'
    [00:00:01.480,621] <dbg> wpa_supp: wpa_printf_impl: Calling wpa_cli: set_network, argc: 4
    [00:00:01.480,682] <dbg> wpa_supp: wpa_printf_impl: argv[0]: set_network
    [00:00:01.480,712] <dbg> wpa_supp: wpa_printf_impl: argv[1]: 0
    [00:00:01.480,743] <dbg> wpa_supp: wpa_printf_impl: argv[2]: group
    [00:00:01.480,804] <dbg> wpa_supp: wpa_printf_impl: argv[3]: CCMP
    [00:00:01.481,170] <dbg> wpa_supp: wpa_printf_impl: wlan0: Control interface command 'SET_NETWORK [REMOVED]'
    [00:00:01.481,323] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: SET_NETWORK id=0 name='group'
    [00:00:01.481,384] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: value - hexdump_ascii(len=4): [REMOVED]
    [00:00:01.481,475] <dbg> wpa_supp: wpa_printf_impl: group: 0x10
    [00:00:01.481,750] <dbg> wpa_supp: wpa_printf_impl: Calling wpa_cli: set_network, argc: 4
    [00:00:01.481,781] <dbg> wpa_supp: wpa_printf_impl: argv[0]: set_network
    [00:00:01.481,842] <dbg> wpa_supp: wpa_printf_impl: argv[1]: 0
    [00:00:01.481,872] <dbg> wpa_supp: wpa_printf_impl: argv[2]: pairwise
    [00:00:01.481,933] <dbg> wpa_supp: wpa_printf_impl: argv[3]: CCMP
    [00:00:01.482,299] <dbg> wpa_supp: wpa_printf_impl: wlan0: Control interface command 'SET_NETWORK [REMOVED]'
    [00:00:01.482,452] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: SET_NETWORK id=0 name='pairwise'
    [00:00:01.482,513] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: value - hexdump_ascii(len=4): [REMOVED]
    [00:00:01.482,604] <dbg> wpa_supp: wpa_printf_impl: pairwise: 0x10
    [00:00:01.482,879] <dbg> wpa_supp: wpa_printf_impl: Calling wpa_cli: set_network, argc: 4
    [00:00:01.482,910] <dbg> wpa_supp: wpa_printf_impl: argv[0]: set_network
    [00:00:01.482,971] <dbg> wpa_supp: wpa_printf_impl: argv[1]: 0
    [00:00:01.483,001] <dbg> wpa_supp: wpa_printf_impl: argv[2]: group_mgmt
    [00:00:01.483,062] <dbg> wpa_supp: wpa_printf_impl: argv[3]: AES-128-CMAC
    [00:00:01.483,489] <dbg> wpa_supp: wpa_printf_impl: wlan0: Control interface command 'SET_NETWORK [REMOVED]'
    [00:00:01.483,612] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: SET_NETWORK id=0 name='group_mgmt'
    [00:00:01.483,673] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: value - hexdump_ascii(len=12): [REMOVED]
    [00:00:01.483,795] <dbg> wpa_supp: wpa_printf_impl: group_mgmt: 0x20
    [00:00:01.484,069] <dbg> wpa_supp: wpa_printf_impl: Calling wpa_cli: set_network, argc: 4
    [00:00:01.484,130] <dbg> wpa_supp: wpa_printf_impl: argv[0]: set_network
    [00:00:01.484,161] <dbg> wpa_supp: wpa_printf_impl: argv[1]: 0
    [00:00:01.484,191] <dbg> wpa_supp: wpa_printf_impl: argv[2]: proto
    [00:00:01.484,252] <dbg> wpa_supp: wpa_printf_impl: argv[3]: RSN
    [00:00:01.484,649] <dbg> wpa_supp: wpa_printf_impl: wlan0: Control interface command 'SET_NETWORK [REMOVED]'
    [00:00:01.484,771] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: SET_NETWORK id=0 name='proto'
    [00:00:01.484,832] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: value - hexdump_ascii(len=3): [REMOVED]
    [00:00:01.485,168] <dbg> wpa_supp: wpa_printf_impl: Calling wpa_cli: set_network, argc: 4
    [00:00:01.485,198] <dbg> wpa_supp: wpa_printf_impl: argv[0]: set_network
    [00:00:01.485,260] <dbg> wpa_supp: wpa_printf_impl: argv[1]: 0
    [00:00:01.485,290] <dbg> wpa_supp: wpa_printf_impl: argv[2]: eap
    [00:00:01.485,321] <dbg> wpa_supp: wpa_printf_impl: argv[3]: TLS
    [00:00:01.485,717] <dbg> wpa_supp: wpa_printf_impl: wlan0: Control interface command 'SET_NETWORK [REMOVED]'
    [00:00:01.485,870] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: SET_NETWORK id=0 name='eap'
    [00:00:01.485,931] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: value - hexdump_ascii(len=3): [REMOVED]
    [00:00:01.486,236] <dbg> wpa_supp: wpa_printf_impl: eap methods - hexdump(len=16): 00 00 00 00 0d 00 00 00 00 00 00 00 00 00 00 00
    [00:00:01.486,541] <dbg> wpa_supp: wpa_printf_impl: Calling wpa_cli: set_network, argc: 4
    [00:00:01.486,602] <dbg> wpa_supp: wpa_printf_impl: argv[0]: set_network
    [00:00:01.486,633] <dbg> wpa_supp: wpa_printf_impl: argv[1]: 0
    [00:00:01.486,694] <dbg> wpa_supp: wpa_printf_impl: argv[2]: identity
    [00:00:01.486,724] <dbg> wpa_supp: wpa_printf_impl: argv[3]: "cc2-004a"
    [00:00:01.487,121] <dbg> wpa_supp: wpa_printf_impl: wlan0: Control interface command 'SET_NETWORK [REMOVED]'
    [00:00:01.487,274] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: SET_NETWORK id=0 name='identity'
    [00:00:01.487,335] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: value - hexdump_ascii(len=10): [REMOVED]
    [00:00:01.487,426] <dbg> wpa_supp: wpa_printf_impl: identity - hexdump_ascii(len=8):
    [00:00:01.487,457] <dbg> wpa_supp: _wpa_hexdump_ascii:
                                       63 63 32 2d 30 30 34 61                          |cc2-004a
    [00:00:01.487,762] <dbg> wpa_supp: wpa_printf_impl: Calling wpa_cli: set_network, argc: 4
    [00:00:01.487,792] <dbg> wpa_supp: wpa_printf_impl: argv[0]: set_network
    [00:00:01.487,854] <dbg> wpa_supp: wpa_printf_impl: argv[1]: 0
    [00:00:01.487,884] <dbg> wpa_supp: wpa_printf_impl: argv[2]: password
    [00:00:01.487,945] <dbg> wpa_supp: wpa_printf_impl: argv[3]: "infrafon-2022"
    [00:00:01.488,311] <dbg> wpa_supp: wpa_printf_impl: wlan0: Control interface command 'SET_NETWORK [REMOVED]'
    [00:00:01.488,464] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: SET_NETWORK id=0 name='password'
    [00:00:01.488,525] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: value - hexdump_ascii(len=15): [REMOVED]
    [00:00:01.488,647] <dbg> wpa_supp: wpa_printf_impl: password - hexdump_ascii(len=13): [REMOVED]
    [00:00:01.488,952] <dbg> wpa_supp: wpa_printf_impl: Calling wpa_cli: set_network, argc: 4
    [00:00:01.488,983] <dbg> wpa_supp: wpa_printf_impl: argv[0]: set_network
    [00:00:01.489,044] <dbg> wpa_supp: wpa_printf_impl: argv[1]: 0
    [00:00:01.489,074] <dbg> wpa_supp: wpa_printf_impl: argv[2]: anonymous_identity
    [00:00:01.489,135] <dbg> wpa_supp: wpa_printf_impl: argv[3]: "(null)"
    [00:00:01.489,532] <dbg> wpa_supp: wpa_printf_impl: wlan0: Control interface command 'SET_NETWORK [REMOVED]'
    [00:00:01.489,654] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: SET_NETWORK id=0 name='anonymous_identity'
    [00:00:01.489,715] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: value - hexdump_ascii(len=8): [REMOVED]
    [00:00:01.489,837] <dbg> wpa_supp: wpa_printf_impl: anonymous_identity - hexdump_ascii(len=6):
    [00:00:01.489,837] <dbg> wpa_supp: _wpa_hexdump_ascii:
                                       28 6e 75 6c 6c 29                                |(null)
    [00:00:01.490,234] <dbg> wpa_supp: wpa_printf_impl: Calling wpa_cli: set_network, argc: 4
    [00:00:01.490,264] <dbg> wpa_supp: wpa_printf_impl: argv[0]: set_network
    [00:00:01.490,325] <dbg> wpa_supp: wpa_printf_impl: argv[1]: 0
    [00:00:01.490,356] <dbg> wpa_supp: wpa_printf_impl: argv[2]: ca_cert
    [00:00:01.490,417] <dbg> wpa_supp: wpa_printf_impl: argv[3]: "blob://ca_cert"
    [00:00:01.490,783] <dbg> wpa_supp: wpa_printf_impl: wlan0: Control interface command 'SET_NETWORK [REMOVED]'
    [00:00:01.490,936] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: SET_NETWORK id=0 name='ca_cert'
    [00:00:01.490,997] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: value - hexdump_ascii(len=16): [REMOVED]
    [00:00:01.491,119] <dbg> wpa_supp: wpa_printf_impl: ca_cert - hexdump_ascii(len=14):
    [00:00:01.491,149] <dbg> wpa_supp: _wpa_hexdump_ascii:
                                       62 6c 6f 62 3a 2f 2f 63  61 5f 63 65 72 74       |blob://c a_cert
    [00:00:01.491,516] <dbg> wpa_supp: wpa_printf_impl: Calling wpa_cli: set_network, argc: 4
    [00:00:01.491,546] <dbg> wpa_supp: wpa_printf_impl: argv[0]: set_network
    [00:00:01.491,607] <dbg> wpa_supp: wpa_printf_impl: argv[1]: 0
    [00:00:01.491,638] <dbg> wpa_supp: wpa_printf_impl: argv[2]: client_cert
    [00:00:01.491,699] <dbg> wpa_supp: wpa_printf_impl: argv[3]: "blob://client_cert"
    [00:00:01.492,095] <dbg> wpa_supp: wpa_printf_impl: wlan0: Control interface command 'SET_NETWORK [REMOVED]'
    [00:00:01.492,218] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: SET_NETWORK id=0 name='client_cert'
    [00:00:01.492,279] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: value - hexdump_ascii(len=20): [REMOVED]
    [00:00:01.492,401] <dbg> wpa_supp: wpa_printf_impl: client_cert - hexdump_ascii(len=18):
    [00:00:01.492,431] <dbg> wpa_supp: _wpa_hexdump_ascii:
                                       62 6c 6f 62 3a 2f 2f 63  6c 69 65 6e 74 5f 63 65 |blob://c lient_ce
                                       72 74                                            |rt
    [00:00:01.492,828] <dbg> wpa_supp: wpa_printf_impl: Calling wpa_cli: set_network, argc: 4
    [00:00:01.492,889] <dbg> wpa_supp: wpa_printf_impl: argv[0]: set_network
    [00:00:01.492,919] <dbg> wpa_supp: wpa_printf_impl: argv[1]: 0
    [00:00:01.492,980] <dbg> wpa_supp: wpa_printf_impl: argv[2]: private_key
    [00:00:01.493,011] <dbg> wpa_supp: wpa_printf_impl: argv[3]: "blob://private_key"
    [00:00:01.493,408] <dbg> wpa_supp: wpa_printf_impl: wlan0: Control interface command 'SET_NETWORK [REMOVED]'
    [00:00:01.493,530] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: SET_NETWORK id=0 name='private_key'
    [00:00:01.493,621] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: value - hexdump_ascii(len=20): [REMOVED]
    [00:00:01.493,743] <dbg> wpa_supp: wpa_printf_impl: private_key - hexdump_ascii(len=18):
    [00:00:01.493,743] <dbg> wpa_supp: _wpa_hexdump_ascii:
                                       62 6c 6f 62 3a 2f 2f 70  72 69 76 61 74 65 5f 6b |blob://p rivate_k
                                       65 79                                            |ey
    [00:00:01.494,049] <dbg> wpa_supp: wpa_printf_impl: Calling wpa_cli: set_network, argc: 4
    [00:00:01.494,110] <dbg> wpa_supp: wpa_printf_impl: argv[0]: set_network
    [00:00:01.494,140] <dbg> wpa_supp: wpa_printf_impl: argv[1]: 0
    [00:00:01.494,201] <dbg> wpa_supp: wpa_printf_impl: argv[2]: private_key_passwd
    [00:00:01.494,232] <dbg> wpa_supp: wpa_printf_impl: argv[3]: "key_004a-2025"
    [00:00:01.494,628] <dbg> wpa_supp: wpa_printf_impl: wlan0: Control interface command 'SET_NETWORK [REMOVED]'
    [00:00:01.494,781] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: SET_NETWORK id=0 name='private_key_passwd'
    [00:00:01.494,842] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: value - hexdump_ascii(len=15): [REMOVED]
    [00:00:01.494,964] <dbg> wpa_supp: wpa_printf_impl: private_key_passwd - hexdump_ascii(len=13): [REMOVED]
    [00:00:01.495,208] <inf> sta: Connection requested
    [00:00:01.495,269] <inf> sta: ==================
    [00:00:01.495,300] <inf> sta: State: DISCONNECTED
    [00:00:01.566,986] <dbg> wpa_supp: wpa_printf_impl: EAPOL: disable timer tick
    [00:00:01.795,410] <inf> sta: ==================
    
    How to debug this further?
    thanks
Reply
  • Please note that run time certificates are only supported in v3.0.0 and later.

    Do you mean in the shell sample?

    Anyway, I have updated the code to set the rootCA for the Radius server, and the client certificate, key and key password.

    Certificates (static in the code for now) : PEM format

    static char _ca_cert[] = "-----BEGIN CERTIFICATE-----"
    "MIIDdzCCAl+gAwIBAgIUSPHDcjKwnzJwpPNKqqJ9CZ6z8y0wDQYJKoZIhvcNAQEL"
    "BQAwSzELMAkGA1UEBhMCRlIxEjAQBgNVBAgMCUZpbmlzdGVyZTERMA8GA1UECgwI"
    "SW5mcmFmb24xFTATBgNVBAMMDGluZnJhZm9uLmNvbTAeFw0yNTA2MDMwODU5MzRa"
    "Fw0yNTA3MDMwODU5MzRaMEsxCzAJBgNVBAYTAkZSMRIwEAYDVQQIDAlGaW5pc3Rl"
    "cmUxETAPBgNVBAoMCEluZnJhZm9uMRUwEwYDVQQDDAxpbmZyYWZvbi5jb20wggEi"
    "MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIsfqHWTOvEbipYL/ReZGcuYZ/"
    "QTtzdqZvOUE10121QDM9yCIEN1xzcq16Dlfs+HmrXSFmHSZhMK2xrnd59DzuyDq5"
    "snQg2BPfEJUqxDJg+ON055j57GXp8dUKZrCY9VSZa17jtJHYThYZpUoxqDjFlWvO"
    "Shqcw/9rkf3z+/6nCF1uNV7vwife4mo1okY4SNUuxPBiEhZBZOg6d5Ydb0fxsxYj"
    "qMN+vu3ELHPnHzzcEMzY/iA5qahPigACbm4NwXRrfdvTFfcqgJ43WWZr9FLlj3TO"
    "5BX1HHYRerI+MhPIK/PJmQbbJy4VC91Z414XJElXAya5myMmwd8qDFc9NQqRAgMB"
    "AAGjUzBRMB0GA1UdDgQWBBSNNMZnwGIr73sGUr5ZcccVGkD3LTAfBgNVHSMEGDAW"
    "gBSNNMZnwGIr73sGUr5ZcccVGkD3LTAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3"
    "DQEBCwUAA4IBAQBOyrJ2iQpkycm0gsL+Z/Ueu3BA1sUGUC3cbIeluuPybzmsjTrA"
    "dqnaymJJbcRz+Ge39VpZpeVrQO5IwVLAWrzg2Vyyyv5uOdf2VjakfUlneAF0U+zK"
    "nZaaaLdwjj93wV14U+8JGF1Lb6Q41+fjQ5eIF/1OtV4gI8G9qQ46TwTsR+DSkKol"
    "Z/5AOWkg4TarfKzghS7O6llwV+mfwXKQtsQbGQVhscXKRsAVPE/OaqkYCSXgLRTf"
    "5pcYCeRky/fhUJV6BKy4VLac40u5luKOGSjNV4Ycnqr0o4vIexuPCKw21cCpGqnk"
    "11Y85cQqpF2DzU7gFW/ovVGl2ygcjjjeVg3V"
    "-----END CERTIFICATE-----"
    "";
    static char _client_cert[] = "-----BEGIN CERTIFICATE-----"
    "MIIDKDCCAhACFA36ysYJv6exm5n1jADbn3MLNCyrMA0GCSqGSIb3DQEBCwUAMEsx"
    "CzAJBgNVBAYTAkZSMRIwEAYDVQQIDAlGaW5pc3RlcmUxETAPBgNVBAoMCEluZnJh"
    "Zm9uMRUwEwYDVQQDDAxpbmZyYWZvbi5jb20wHhcNMjUwNjAzMDkxMDA5WhcNMjUw"
    "NzAzMDkxMDA5WjBWMQswCQYDVQQGEwJGUjESMBAGA1UECAwJRmluaXN0ZXJlMREw"
    "DwYDVQQKDAhJbmZyYWZvbjENMAsGA1UECwwEVGVzdDERMA8GA1UEAwwIY2MyLTAw"
    "NGEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7bN5Jy8kx7z3LU/qH"
    "IO1+QR/hjtx3sHQKp4ni6m+Mqv/PElxWEaxx8D3NThMmftGvDEbkDaV1G10KZODL"
    "maY0ExsUnaTewgk+nBs0rMfsJnbhxMBiaFstHYKPsqAF4JtvdKfTN05BkHDDHULI"
    "5N5DXP2Orty2Lh5866JfNywmDbcamDrbp1TcpJL7atc7ukrkPwZZU0tA9YAnkeYj"
    "sd9R/TUNA7UEo7wb4a+r+xiv+ECrzK5KJz+icYgQPbF52PFVrJX8rG/PrSqZGsr9"
    "XhWoZF7MzlmYRmqZijbB0khVHFn0x5lsXYyQL+5AXeoF/SbPFC65/qLdWTZSXWrr"
    "5RFdAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAIai4nNCWtX+94jeX00a36qUffPW"
    "+neYi3aVZU9xestlvLhjhSf9bU5MO7w8JnRQaIzd2jh3NV+Ab4Yizrn7Zmr3bARY"
    "VPs1Uswf2HHoS5YIJqF/us6Px1wljNWi7hspyPpwFKPIWMXvMfAO4ZT+5mQ7ksYR"
    "aS3MuervINOwa166Sb64JgwQ9bWabKX14Wj03/VrVIkxzVzQjVsFFEH9abepao7w"
    "WQhxl3Sl+dFHH0IuGMC2cABhW69EynsF7LxvKZwFhgksVblHubOg6Ekq2KI79Mj8"
    "Su1KG4PXt8UX0scIn2Z8amxIHj+t2jz5+IYw0MDPHYtBMm9MPZkOBqmG1bk="
    "-----END CERTIFICATE-----"
    "";

    static char _client_key[] = "-----BEGIN RSA PRIVATE KEY-----"
    "Proc-Type: 4,ENCRYPTED"
    "DEK-Info: DES-EDE3-CBC,5BD79331E8C31EE0"
    ""
    "dBjnzKTP9Ww1RSJYxgExTmMvPKb2iWPjNw6tYbzXS+LrvecHZ7rhb9zUq3Giouwq"
    "PJ0Hv2XC8gzWqHvcaXHNytOYlvPzVMJqeoK3HRgTJi5v4ywBj73/Q9uKXPOQ1sFY"
    "N81ZJjIBDuGk0xMtlP4UJ6qGXrgEUzo/HgXN0mtdqDt8OFiVq9J1PztiYBCn0vpj"
    "VYBnwPCkBF/nngxMPKjsbWhFRXnANkwWluRI+R2fH+JjrYEars2LVThidWjCx3ej"
    "9Y9Ih9yE217/+ONWBDCgjs8Dh+rgMnvMsA13siwLfyXRfZvoC0Lymt17dvsDiaAc"
    "FTDB9gNtUh7ZnNoQ/7outlgcn9cRTAHVjq2dG5qO5KBwFCmU5RYBGK1uu43lpuL/"
    "08pGvCwJ7u4UCoLjk7Q68kAcBqCmqPX3Y9Qk4zgVMeXOeiA969t4VbNaUNq2ri2q"
    "fxH0Lbl34b3FGt/F9j9bCYdYak0V0846bC8jCOT5dMwz05bBvG1+5Erw2NCk9k2L"
    "B9ovTQeLdchFoJNrl9nPkh0ipxvtlyzyJLvKjJ0RGJJytkAbI173+OM7cQgsq1uz"
    "iOrY/f/cKEzyltpISZfARPmpzh/HflIGiiqpsv//0ITIl2X40RyNBXU7iTVKoMob"
    "4yuNDVQCoOXjyosJ6rir9Ou39BWY0qiY5njyXHrannMmjCeN9xcIztEN1TF1m6+Z"
    "znqhkc8e+fQlPIVNM15wH+WEw5egZSUWMDU3g8AsxiLxiRe/zdTnpXe+0hbAH4s+"
    "7iYes1/yD2p0rOTAh3Sg0htBXnUUK6M/OXTtcantG1SmwvENSV13rPXsTTnPhgIl"
    "GdGg/jGjW23iU6ztEkKEO/2v5+5wFNmFFrDAY5Pl3jElnoFwEnnA/n8ndCfboB+r"
    "wQJYrrU8WP1BsaEFrdU/yZuHqfO9Z3fFG/BqPUTe9MGksJF921ID3fDTdeo8RGY3"
    "leuDjiXRISgEc8a7BE0NYnkNnMMkKNkfa0zbgRJMg9NfJjNh+MsvesDUexwEgUOK"
    "2eRvVuXcyhFZ+SyN3ijY7EmGAGgCMI9FEQ+HbOZa+nQeUw1Rks8vZPYHPdHPYfac"
    "Hn+DyGZ4tpeMFEIzdjennEwEQj7uW7kB5eZvWp7kTpXbxZMI785ZGnS2Pfe1V9v5"
    "y6+PGvuBvkSdIKwtQDXyAd8WdnjVmBpfb/kFbpWqC8PytPr1bsMd6YPyaNo6pP/8"
    "fLmZ103gO5PFYathFRCV2/W/xsjunvLC1jt+og6iSzxzboFDhpO6Y2M6RsTjhk4c"
    "ybKfNt0UbLH5LW1+XYdqdLGSecefe6NBq/OWxkhXs9Om79Sv1+1qPoajVe+oIB2B"
    "MxcR78V8eE3OoymAT7mWAqiGokukFtMEaHbtkZtjBOEkLvVdiSG6y4uS2c6yE/e0"
    "chLwuCNgIa+uoHVh5Osc70RlRbhfkxzR3rkZxDeniIxCokO6iIi12l357mja2TM0"
    "uE8D2QMc16nvg9IsFy7bMc5Ehf6TSEmAfDhHTGDmpEEK/lEqIUSH0QeGVXh8w6ge"
    "Viy3qzpFg9ddjGIXl2TJt8nrWMqdMFvZMrHGKXRKujXLsctEB5FbeQ=="
    "-----END RSA PRIVATE KEY-----"
    "";
     
        struct wifi_enterprise_creds_params enterprise_creds_params={0};
        enterprise_creds_params.ca_cert = _ca_cert;
        enterprise_creds_params.ca_cert_len = sizeof(_ca_cert);
        enterprise_creds_params.client_cert = _client_cert;
        enterprise_creds_params.client_cert_len = sizeof(_client_cert);
        enterprise_creds_params.client_key = _client_key;
        enterprise_creds_params.client_key_len = sizeof(_client_key);
       
        int retreq = net_mgmt(NET_REQUEST_WIFI_ENTERPRISE_CREDS, iface, &enterprise_creds_params, sizeof(struct wifi_enterprise_creds_params));
        if (retreq!=0) {
            LOG_ERR("Failed to set Wi-Fi enterprise credentials: %d\n", retreq);
            return false;
        }
        LOG_INF("Wi-Fi enterprise credentials loaded and configured.");

    Params setup:

        params->timeout =  CONFIG_STA_CONN_TIMEOUT_SEC * MSEC_PER_SEC;

        if (params->timeout == 0) {
            params->timeout = SYS_FOREVER_MS;
        }

        /* Defaults */
        params->band = WIFI_FREQ_BAND_UNKNOWN;
        params->channel = WIFI_CHANNEL_ANY;
        params->security = WIFI_SECURITY_TYPE_NONE;
        params->mfp = WIFI_MFP_OPTIONAL;

        /* SSID */
        params->ssid =STA_SSID;
        params->ssid_length = strlen(params->ssid);

        params->security = WIFI_SECURITY_TYPE_EAP_TLS;
        params->key_passwd = STA_KEY_PASS;
        params->key_passwd_length = strlen(params->key_passwd);
        params->eap_identity = STA_IDENTITY;        //"cc2-004a";
        params->eap_id_length = strlen(params->eap_identity);
        params->eap_password = STA_PASSWORD;
        params->eap_passwd_length = strlen(params->eap_password);
     
    [is the eap_password used, and for what?]
    The logs show all this being sent to the wpa_supp via the cli, apparently without any errors when I do the connect request:
        if (net_mgmt(NET_REQUEST_WIFI_CONNECT, iface,
                 &cnx_params, sizeof(struct wifi_connect_req_params))) {
            LOG_ERR("Connection request failed");

            return -ENOEXEC;
        }

        LOG_INF("Connection requested");
    But following the request I never get anything else and the status remains as DISCONNECTED....
    [00:00:00.256,561] <inf> wifi_nrf_bus: SPIM spi@a000: freq = 24 MHz
    [00:00:00.256,591] <inf> wifi_nrf_bus: SPIM spi@a000: latency = 1
    *** Booting nRF Connect SDK v2.9.0-7787b2649840 ***
    *** Using Zephyr OS v3.7.99-1f8f3dc29142 ***
    [00:00:00.470,520] <inf> sta: Starting cc2v1 with CPU frequency: 64 MHz
    [00:00:00.470,703] <dbg> wpa_supp: wpa_printf_impl: wpa_supplicant v2.11-devel
    [00:00:00.470,916] <inf> wifi_supplicant: wpa_supplicant initialized
    [00:00:00.471,313] <dbg> wifi_supplicant: add_interface: Adding interface wlan0 [1] (0x200029b0)
    [00:00:00.471,405] <dbg> wpa_supp: wpa_printf_impl: Calling wpa_cli: interface_add, argc: 5
    [00:00:00.471,435] <dbg> wpa_supp: wpa_printf_impl: argv[0]: interface_add
    [00:00:00.471,496] <dbg> wpa_supp: wpa_printf_impl: argv[1]: wlan0
    [00:00:00.471,527] <dbg> wpa_supp: wpa_printf_impl: argv[2]: zephyr
    [00:00:00.471,588] <dbg> wpa_supp: wpa_printf_impl: argv[3]: zephyr
    [00:00:00.471,618] <dbg> wpa_supp: wpa_printf_impl: argv[4]: zephyr
    [00:00:00.471,984] <dbg> wpa_supp: wpa_printf_impl: RX global ctrl_iface - hexdump_ascii(len=71):
    [00:00:00.472,015] <dbg> wpa_supp: _wpa_hexdump_ascii:
                                       49 4e 54 45 52 46 41 43  45 5f 41 44 44 20 77 6c |INTERFAC E_ADD wl
                                       61 6e 30 09 7a 65 70 68  79 72 09 7a 65 70 68 79 |an0.zeph yr.zephy
                                       72 09 7a 65 70 68 79 72  09 09 09 09 20 77 6c 61 |r.zephyr .... wla
                                       6e 30 20 7a 65 70 68 79  72 20 7a 65 70 68 79 72 |n0 zephy r zephyr
                                       20 7a 65 70 68 79 72                             | zephyr
    [00:00:00.472,076] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE GLOBAL INTERFACE_ADD 'wlan0      zephyr  zephyr  zephyr                           wlan0 zephyr zephyr zephyr'
    [00:00:00.472,229] <dbg> wpa_supp: wpa_printf_impl: Initializing interface 'wlan0' conf 'zephyr' driver 'zephyr' ctrl_interface 'zephyr' bridge 'N/A'
    [00:00:00.474,090] <dbg> wpa_supp: wpa_printf_impl: Add interface wlan0 to a new radio N/A
    [00:00:00.477,447] <dbg> wpa_supp: wpa_printf_impl: wpa_supp: Added 802.11b mode based on 802.11g information
    [00:00:00.477,630] <dbg> wpa_supp: wpa_printf_impl: l2_packet_init: iface wlan0 ifindex 1
    [00:00:00.477,813] <dbg> wpa_supp: wpa_printf_impl: wlan0: Own MAC address: f0:ce:37:00:00:4a
    [00:00:00.477,935] <dbg> wpa_supp: wpa_printf_impl: _wpa_drv_zep_set_key: priv:0x2000b448 alg 0 addr 0x0 key_idx 0 set_tx 0 seq 0x0 seq_len 0 key 0x0 key_len 0 key_flag 10
    [00:00:00.481,414] <dbg> wpa_supp: wpa_printf_impl: _wpa_drv_zep_set_key: priv:0x2000b448 alg 0 addr 0x0 key_idx 1 set_tx 0 seq 0x0 seq_len 0 key 0x0 key_len 0 key_flag 10
    [00:00:00.483,612] <dbg> wpa_supp: wpa_printf_impl: _wpa_drv_zep_set_key: priv:0x2000b448 alg 0 addr 0x0 key_idx 2 set_tx 0 seq 0x0 seq_len 0 key 0x0 key_len 0 key_flag 10
    [00:00:00.485,809] <dbg> wpa_supp: wpa_printf_impl: _wpa_drv_zep_set_key: priv:0x2000b448 alg 0 addr 0x0 key_idx 3 set_tx 0 seq 0x0 seq_len 0 key 0x0 key_len 0 key_flag 10
    [00:00:00.487,976] <dbg> wpa_supp: wpa_printf_impl: _wpa_drv_zep_set_key: priv:0x2000b448 alg 0 addr 0x0 key_idx 4 set_tx 0 seq 0x0 seq_len 0 key 0x0 key_len 0 key_flag 10
    [00:00:00.490,051] <dbg> wpa_supp: wpa_printf_impl: _wpa_drv_zep_set_key: priv:0x2000b448 alg 0 addr 0x0 key_idx 5 set_tx 0 seq 0x0 seq_len 0 key 0x0 key_len 0 key_flag 10
    [00:00:00.493,469] <dbg> wpa_supp: wpa_printf_impl: wlan0: RSN: flushing PMKID list in the driver
    [00:00:00.493,591] <dbg> wpa_supp: wpa_printf_impl: wlan0: State: DISCONNECTED -> INACTIVE
    [00:00:00.555,755] <dbg> wpa_supp: wpa_printf_impl: EAPOL: SUPP_PAE entering state DISCONNECTED
    [00:00:00.555,786] <dbg> wpa_supp: wpa_printf_impl: EAPOL: Supplicant port status: Unauthorized
    [00:00:00.566,650] <dbg> wpa_supp: wpa_printf_impl: EAPOL: KEY_RX entering state NO_KEY_RECEIVE
    [00:00:00.566,711] <dbg> wpa_supp: wpa_printf_impl: EAPOL: SUPP_BE entering state INITIALIZE
    [00:00:00.566,741] <dbg> wpa_supp: wpa_printf_impl: EAP: EAP entering state DISABLED
    [00:00:00.567,138] <dbg> wpa_supp: wpa_printf_impl: wlan0: Added interface wlan0
    [00:00:00.567,260] <dbg> wpa_supp: wpa_printf_impl: wlan0: State: INACTIVE -> DISCONNECTED
    [00:00:01.470,581] <inf> sta: Wi-Fi enterprise credentials loaded and configured.
    [00:00:01.470,703] <dbg> wpa_supp: wpa_printf_impl: Calling wpa_cli: remove_network, argc: 2
    [00:00:01.470,733] <dbg> wpa_supp: wpa_printf_impl: argv[0]: remove_network
    [00:00:01.470,764] <dbg> wpa_supp: wpa_printf_impl: argv[1]: all
    [00:00:01.471,130] <dbg> wpa_supp: wpa_printf_impl: wlan0: Control interface command 'REMOVE_NETWORK all'
    [00:00:01.471,252] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: REMOVE_NETWORK all
    [00:00:01.471,740] <dbg> wpa_supp: wpa_printf_impl: wlan0: Control interface command 'ADD_NETWORK'
    [00:00:01.471,862] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: ADD_NETWORK
    [00:00:01.472,351] <dbg> wpa_supp: wpa_printf_impl: Received len: 26, msg_len:26 - CTRL-EVENT-NETWORK-ADDED 0->END
    [00:00:01.472,717] <dbg> wpa_supp: wpa_printf_impl: NET added: 0
    [00:00:01.472,808] <dbg> wpa_supp: wpa_printf_impl: Calling wpa_cli: set_network, argc: 4
    [00:00:01.472,839] <dbg> wpa_supp: wpa_printf_impl: argv[0]: set_network
    [00:00:01.472,900] <dbg> wpa_supp: wpa_printf_impl: argv[1]: 0
    [00:00:01.472,930] <dbg> wpa_supp: wpa_printf_impl: argv[2]: ssid
    [00:00:01.472,991] <dbg> wpa_supp: wpa_printf_impl: argv[3]: "kiosk_wpa2_ent"
    [00:00:01.473,358] <dbg> wpa_supp: wpa_printf_impl: wlan0: Control interface command 'SET_NETWORK [REMOVED]'
    [00:00:01.473,510] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: SET_NETWORK id=0 name='ssid'
    [00:00:01.473,571] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: value - hexdump_ascii(len=16): [REMOVED]
    [00:00:01.473,663] <dbg> wpa_supp: wpa_printf_impl: ssid - hexdump_ascii(len=14):
    [00:00:01.473,663] <dbg> wpa_supp: _wpa_hexdump_ascii:
                                       6b 69 6f 73 6b 5f 77 70  61 32 5f 65 6e 74       |kiosk_wp a2_ent
    [00:00:01.473,937] <dbg> wpa_supp: wpa_printf_impl: Calling wpa_cli: set_network, argc: 4
    [00:00:01.473,999] <dbg> wpa_supp: wpa_printf_impl: argv[0]: set_network
    [00:00:01.474,029] <dbg> wpa_supp: wpa_printf_impl: argv[1]: 0
    [00:00:01.474,090] <dbg> wpa_supp: wpa_printf_impl: argv[2]: scan_ssid
    [00:00:01.474,121] <dbg> wpa_supp: wpa_printf_impl: argv[3]: 1
    [00:00:01.474,517] <dbg> wpa_supp: wpa_printf_impl: wlan0: Control interface command 'SET_NETWORK [REMOVED]'
    [00:00:01.474,639] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: SET_NETWORK id=0 name='scan_ssid'
    [00:00:01.474,700] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: value - hexdump_ascii(len=1): [REMOVED]
    [00:00:01.474,761] <dbg> wpa_supp: wpa_printf_impl: scan_ssid=1 (0x1)
    [00:00:01.475,036] <dbg> wpa_supp: wpa_printf_impl: Calling wpa_cli: set_network, argc: 4
    [00:00:01.475,097] <dbg> wpa_supp: wpa_printf_impl: argv[0]: set_network
    [00:00:01.475,128] <dbg> wpa_supp: wpa_printf_impl: argv[1]: 0
    [00:00:01.475,189] <dbg> wpa_supp: wpa_printf_impl: argv[2]: key_mgmt
    [00:00:01.475,219] <dbg> wpa_supp: wpa_printf_impl: argv[3]: NONE
    [00:00:01.475,616] <dbg> wpa_supp: wpa_printf_impl: wlan0: Control interface command 'SET_NETWORK [REMOVED]'
    [00:00:01.475,738] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: SET_NETWORK id=0 name='key_mgmt'
    [00:00:01.475,799] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: value - hexdump_ascii(len=4): [REMOVED]
    [00:00:01.475,891] <dbg> wpa_supp: wpa_printf_impl: key_mgmt: 0x4
    [00:00:01.476,165] <dbg> wpa_supp: wpa_printf_impl: Calling wpa_cli: set_network, argc: 4
    [00:00:01.476,226] <dbg> wpa_supp: wpa_printf_impl: argv[0]: set_network
    [00:00:01.476,257] <dbg> wpa_supp: wpa_printf_impl: argv[1]: 0
    [00:00:01.476,287] <dbg> wpa_supp: wpa_printf_impl: argv[2]: ieee80211w
    [00:00:01.476,348] <dbg> wpa_supp: wpa_printf_impl: argv[3]: 0
    [00:00:01.476,715] <dbg> wpa_supp: wpa_printf_impl: wlan0: Control interface command 'SET_NETWORK [REMOVED]'
    [00:00:01.476,867] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: SET_NETWORK id=0 name='ieee80211w'
    [00:00:01.476,928] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: value - hexdump_ascii(len=1): [REMOVED]
    [00:00:01.477,081] <dbg> wpa_supp: wpa_printf_impl: ieee80211w=0 (0x0)
    [00:00:01.477,355] <dbg> wpa_supp: wpa_printf_impl: Calling wpa_cli: set_network, argc: 4
    [00:00:01.477,386] <dbg> wpa_supp: wpa_printf_impl: argv[0]: set_network
    [00:00:01.477,447] <dbg> wpa_supp: wpa_printf_impl: argv[1]: 0
    [00:00:01.477,478] <dbg> wpa_supp: wpa_printf_impl: argv[2]: proto
    [00:00:01.477,539] <dbg> wpa_supp: wpa_printf_impl: argv[3]: RSN
    [00:00:01.477,905] <dbg> wpa_supp: wpa_printf_impl: wlan0: Control interface command 'SET_NETWORK [REMOVED]'
    [00:00:01.478,057] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: SET_NETWORK id=0 name='proto'
    [00:00:01.478,118] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: value - hexdump_ascii(len=3): [REMOVED]
    [00:00:01.478,179] <dbg> wpa_supp: wpa_printf_impl: proto: 0x2
    [00:00:01.478,485] <dbg> wpa_supp: wpa_printf_impl: Calling wpa_cli: set_network, argc: 4
    [00:00:01.478,515] <dbg> wpa_supp: wpa_printf_impl: argv[0]: set_network
    [00:00:01.478,546] <dbg> wpa_supp: wpa_printf_impl: argv[1]: 0
    [00:00:01.478,607] <dbg> wpa_supp: wpa_printf_impl: argv[2]: key_mgmt
    [00:00:01.478,637] <dbg> wpa_supp: wpa_printf_impl: argv[3]: WPA-EAP
    [00:00:01.479,034] <dbg> wpa_supp: wpa_printf_impl: wlan0: Control interface command 'SET_NETWORK [REMOVED]'
    [00:00:01.479,156] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: SET_NETWORK id=0 name='key_mgmt'
    [00:00:01.479,217] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: value - hexdump_ascii(len=7): [REMOVED]
    [00:00:01.479,309] <dbg> wpa_supp: wpa_printf_impl: key_mgmt: 0x1
    [00:00:01.479,583] <dbg> wpa_supp: wpa_printf_impl: Calling wpa_cli: set, argc: 3
    [00:00:01.479,644] <dbg> wpa_supp: wpa_printf_impl: argv[0]: set
    [00:00:01.479,675] <dbg> wpa_supp: wpa_printf_impl: argv[1]: openssl_ciphers
    [00:00:01.479,736] <dbg> wpa_supp: wpa_printf_impl: argv[2]: "DEFAULT:!EXP:!LOW"
    [00:00:01.480,133] <dbg> wpa_supp: wpa_printf_impl: wlan0: Control interface command 'SET openssl_ciphers "DEFAULT:!EXP:!LOW"'
    [00:00:01.480,224] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE SET 'openssl_ciphers'='"DEFAULT:!EXP:!LOW"'
    [00:00:01.480,346] <dbg> wpa_supp: wpa_printf_impl: openssl_ciphers='"DEFAULT:!EXP:!LOW"'
    [00:00:01.480,621] <dbg> wpa_supp: wpa_printf_impl: Calling wpa_cli: set_network, argc: 4
    [00:00:01.480,682] <dbg> wpa_supp: wpa_printf_impl: argv[0]: set_network
    [00:00:01.480,712] <dbg> wpa_supp: wpa_printf_impl: argv[1]: 0
    [00:00:01.480,743] <dbg> wpa_supp: wpa_printf_impl: argv[2]: group
    [00:00:01.480,804] <dbg> wpa_supp: wpa_printf_impl: argv[3]: CCMP
    [00:00:01.481,170] <dbg> wpa_supp: wpa_printf_impl: wlan0: Control interface command 'SET_NETWORK [REMOVED]'
    [00:00:01.481,323] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: SET_NETWORK id=0 name='group'
    [00:00:01.481,384] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: value - hexdump_ascii(len=4): [REMOVED]
    [00:00:01.481,475] <dbg> wpa_supp: wpa_printf_impl: group: 0x10
    [00:00:01.481,750] <dbg> wpa_supp: wpa_printf_impl: Calling wpa_cli: set_network, argc: 4
    [00:00:01.481,781] <dbg> wpa_supp: wpa_printf_impl: argv[0]: set_network
    [00:00:01.481,842] <dbg> wpa_supp: wpa_printf_impl: argv[1]: 0
    [00:00:01.481,872] <dbg> wpa_supp: wpa_printf_impl: argv[2]: pairwise
    [00:00:01.481,933] <dbg> wpa_supp: wpa_printf_impl: argv[3]: CCMP
    [00:00:01.482,299] <dbg> wpa_supp: wpa_printf_impl: wlan0: Control interface command 'SET_NETWORK [REMOVED]'
    [00:00:01.482,452] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: SET_NETWORK id=0 name='pairwise'
    [00:00:01.482,513] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: value - hexdump_ascii(len=4): [REMOVED]
    [00:00:01.482,604] <dbg> wpa_supp: wpa_printf_impl: pairwise: 0x10
    [00:00:01.482,879] <dbg> wpa_supp: wpa_printf_impl: Calling wpa_cli: set_network, argc: 4
    [00:00:01.482,910] <dbg> wpa_supp: wpa_printf_impl: argv[0]: set_network
    [00:00:01.482,971] <dbg> wpa_supp: wpa_printf_impl: argv[1]: 0
    [00:00:01.483,001] <dbg> wpa_supp: wpa_printf_impl: argv[2]: group_mgmt
    [00:00:01.483,062] <dbg> wpa_supp: wpa_printf_impl: argv[3]: AES-128-CMAC
    [00:00:01.483,489] <dbg> wpa_supp: wpa_printf_impl: wlan0: Control interface command 'SET_NETWORK [REMOVED]'
    [00:00:01.483,612] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: SET_NETWORK id=0 name='group_mgmt'
    [00:00:01.483,673] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: value - hexdump_ascii(len=12): [REMOVED]
    [00:00:01.483,795] <dbg> wpa_supp: wpa_printf_impl: group_mgmt: 0x20
    [00:00:01.484,069] <dbg> wpa_supp: wpa_printf_impl: Calling wpa_cli: set_network, argc: 4
    [00:00:01.484,130] <dbg> wpa_supp: wpa_printf_impl: argv[0]: set_network
    [00:00:01.484,161] <dbg> wpa_supp: wpa_printf_impl: argv[1]: 0
    [00:00:01.484,191] <dbg> wpa_supp: wpa_printf_impl: argv[2]: proto
    [00:00:01.484,252] <dbg> wpa_supp: wpa_printf_impl: argv[3]: RSN
    [00:00:01.484,649] <dbg> wpa_supp: wpa_printf_impl: wlan0: Control interface command 'SET_NETWORK [REMOVED]'
    [00:00:01.484,771] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: SET_NETWORK id=0 name='proto'
    [00:00:01.484,832] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: value - hexdump_ascii(len=3): [REMOVED]
    [00:00:01.485,168] <dbg> wpa_supp: wpa_printf_impl: Calling wpa_cli: set_network, argc: 4
    [00:00:01.485,198] <dbg> wpa_supp: wpa_printf_impl: argv[0]: set_network
    [00:00:01.485,260] <dbg> wpa_supp: wpa_printf_impl: argv[1]: 0
    [00:00:01.485,290] <dbg> wpa_supp: wpa_printf_impl: argv[2]: eap
    [00:00:01.485,321] <dbg> wpa_supp: wpa_printf_impl: argv[3]: TLS
    [00:00:01.485,717] <dbg> wpa_supp: wpa_printf_impl: wlan0: Control interface command 'SET_NETWORK [REMOVED]'
    [00:00:01.485,870] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: SET_NETWORK id=0 name='eap'
    [00:00:01.485,931] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: value - hexdump_ascii(len=3): [REMOVED]
    [00:00:01.486,236] <dbg> wpa_supp: wpa_printf_impl: eap methods - hexdump(len=16): 00 00 00 00 0d 00 00 00 00 00 00 00 00 00 00 00
    [00:00:01.486,541] <dbg> wpa_supp: wpa_printf_impl: Calling wpa_cli: set_network, argc: 4
    [00:00:01.486,602] <dbg> wpa_supp: wpa_printf_impl: argv[0]: set_network
    [00:00:01.486,633] <dbg> wpa_supp: wpa_printf_impl: argv[1]: 0
    [00:00:01.486,694] <dbg> wpa_supp: wpa_printf_impl: argv[2]: identity
    [00:00:01.486,724] <dbg> wpa_supp: wpa_printf_impl: argv[3]: "cc2-004a"
    [00:00:01.487,121] <dbg> wpa_supp: wpa_printf_impl: wlan0: Control interface command 'SET_NETWORK [REMOVED]'
    [00:00:01.487,274] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: SET_NETWORK id=0 name='identity'
    [00:00:01.487,335] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: value - hexdump_ascii(len=10): [REMOVED]
    [00:00:01.487,426] <dbg> wpa_supp: wpa_printf_impl: identity - hexdump_ascii(len=8):
    [00:00:01.487,457] <dbg> wpa_supp: _wpa_hexdump_ascii:
                                       63 63 32 2d 30 30 34 61                          |cc2-004a
    [00:00:01.487,762] <dbg> wpa_supp: wpa_printf_impl: Calling wpa_cli: set_network, argc: 4
    [00:00:01.487,792] <dbg> wpa_supp: wpa_printf_impl: argv[0]: set_network
    [00:00:01.487,854] <dbg> wpa_supp: wpa_printf_impl: argv[1]: 0
    [00:00:01.487,884] <dbg> wpa_supp: wpa_printf_impl: argv[2]: password
    [00:00:01.487,945] <dbg> wpa_supp: wpa_printf_impl: argv[3]: "infrafon-2022"
    [00:00:01.488,311] <dbg> wpa_supp: wpa_printf_impl: wlan0: Control interface command 'SET_NETWORK [REMOVED]'
    [00:00:01.488,464] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: SET_NETWORK id=0 name='password'
    [00:00:01.488,525] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: value - hexdump_ascii(len=15): [REMOVED]
    [00:00:01.488,647] <dbg> wpa_supp: wpa_printf_impl: password - hexdump_ascii(len=13): [REMOVED]
    [00:00:01.488,952] <dbg> wpa_supp: wpa_printf_impl: Calling wpa_cli: set_network, argc: 4
    [00:00:01.488,983] <dbg> wpa_supp: wpa_printf_impl: argv[0]: set_network
    [00:00:01.489,044] <dbg> wpa_supp: wpa_printf_impl: argv[1]: 0
    [00:00:01.489,074] <dbg> wpa_supp: wpa_printf_impl: argv[2]: anonymous_identity
    [00:00:01.489,135] <dbg> wpa_supp: wpa_printf_impl: argv[3]: "(null)"
    [00:00:01.489,532] <dbg> wpa_supp: wpa_printf_impl: wlan0: Control interface command 'SET_NETWORK [REMOVED]'
    [00:00:01.489,654] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: SET_NETWORK id=0 name='anonymous_identity'
    [00:00:01.489,715] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: value - hexdump_ascii(len=8): [REMOVED]
    [00:00:01.489,837] <dbg> wpa_supp: wpa_printf_impl: anonymous_identity - hexdump_ascii(len=6):
    [00:00:01.489,837] <dbg> wpa_supp: _wpa_hexdump_ascii:
                                       28 6e 75 6c 6c 29                                |(null)
    [00:00:01.490,234] <dbg> wpa_supp: wpa_printf_impl: Calling wpa_cli: set_network, argc: 4
    [00:00:01.490,264] <dbg> wpa_supp: wpa_printf_impl: argv[0]: set_network
    [00:00:01.490,325] <dbg> wpa_supp: wpa_printf_impl: argv[1]: 0
    [00:00:01.490,356] <dbg> wpa_supp: wpa_printf_impl: argv[2]: ca_cert
    [00:00:01.490,417] <dbg> wpa_supp: wpa_printf_impl: argv[3]: "blob://ca_cert"
    [00:00:01.490,783] <dbg> wpa_supp: wpa_printf_impl: wlan0: Control interface command 'SET_NETWORK [REMOVED]'
    [00:00:01.490,936] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: SET_NETWORK id=0 name='ca_cert'
    [00:00:01.490,997] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: value - hexdump_ascii(len=16): [REMOVED]
    [00:00:01.491,119] <dbg> wpa_supp: wpa_printf_impl: ca_cert - hexdump_ascii(len=14):
    [00:00:01.491,149] <dbg> wpa_supp: _wpa_hexdump_ascii:
                                       62 6c 6f 62 3a 2f 2f 63  61 5f 63 65 72 74       |blob://c a_cert
    [00:00:01.491,516] <dbg> wpa_supp: wpa_printf_impl: Calling wpa_cli: set_network, argc: 4
    [00:00:01.491,546] <dbg> wpa_supp: wpa_printf_impl: argv[0]: set_network
    [00:00:01.491,607] <dbg> wpa_supp: wpa_printf_impl: argv[1]: 0
    [00:00:01.491,638] <dbg> wpa_supp: wpa_printf_impl: argv[2]: client_cert
    [00:00:01.491,699] <dbg> wpa_supp: wpa_printf_impl: argv[3]: "blob://client_cert"
    [00:00:01.492,095] <dbg> wpa_supp: wpa_printf_impl: wlan0: Control interface command 'SET_NETWORK [REMOVED]'
    [00:00:01.492,218] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: SET_NETWORK id=0 name='client_cert'
    [00:00:01.492,279] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: value - hexdump_ascii(len=20): [REMOVED]
    [00:00:01.492,401] <dbg> wpa_supp: wpa_printf_impl: client_cert - hexdump_ascii(len=18):
    [00:00:01.492,431] <dbg> wpa_supp: _wpa_hexdump_ascii:
                                       62 6c 6f 62 3a 2f 2f 63  6c 69 65 6e 74 5f 63 65 |blob://c lient_ce
                                       72 74                                            |rt
    [00:00:01.492,828] <dbg> wpa_supp: wpa_printf_impl: Calling wpa_cli: set_network, argc: 4
    [00:00:01.492,889] <dbg> wpa_supp: wpa_printf_impl: argv[0]: set_network
    [00:00:01.492,919] <dbg> wpa_supp: wpa_printf_impl: argv[1]: 0
    [00:00:01.492,980] <dbg> wpa_supp: wpa_printf_impl: argv[2]: private_key
    [00:00:01.493,011] <dbg> wpa_supp: wpa_printf_impl: argv[3]: "blob://private_key"
    [00:00:01.493,408] <dbg> wpa_supp: wpa_printf_impl: wlan0: Control interface command 'SET_NETWORK [REMOVED]'
    [00:00:01.493,530] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: SET_NETWORK id=0 name='private_key'
    [00:00:01.493,621] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: value - hexdump_ascii(len=20): [REMOVED]
    [00:00:01.493,743] <dbg> wpa_supp: wpa_printf_impl: private_key - hexdump_ascii(len=18):
    [00:00:01.493,743] <dbg> wpa_supp: _wpa_hexdump_ascii:
                                       62 6c 6f 62 3a 2f 2f 70  72 69 76 61 74 65 5f 6b |blob://p rivate_k
                                       65 79                                            |ey
    [00:00:01.494,049] <dbg> wpa_supp: wpa_printf_impl: Calling wpa_cli: set_network, argc: 4
    [00:00:01.494,110] <dbg> wpa_supp: wpa_printf_impl: argv[0]: set_network
    [00:00:01.494,140] <dbg> wpa_supp: wpa_printf_impl: argv[1]: 0
    [00:00:01.494,201] <dbg> wpa_supp: wpa_printf_impl: argv[2]: private_key_passwd
    [00:00:01.494,232] <dbg> wpa_supp: wpa_printf_impl: argv[3]: "key_004a-2025"
    [00:00:01.494,628] <dbg> wpa_supp: wpa_printf_impl: wlan0: Control interface command 'SET_NETWORK [REMOVED]'
    [00:00:01.494,781] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: SET_NETWORK id=0 name='private_key_passwd'
    [00:00:01.494,842] <dbg> wpa_supp: wpa_printf_impl: CTRL_IFACE: value - hexdump_ascii(len=15): [REMOVED]
    [00:00:01.494,964] <dbg> wpa_supp: wpa_printf_impl: private_key_passwd - hexdump_ascii(len=13): [REMOVED]
    [00:00:01.495,208] <inf> sta: Connection requested
    [00:00:01.495,269] <inf> sta: ==================
    [00:00:01.495,300] <inf> sta: State: DISCONNECTED
    [00:00:01.566,986] <dbg> wpa_supp: wpa_printf_impl: EAPOL: disable timer tick
    [00:00:01.795,410] <inf> sta: ==================
    
    How to debug this further?
    thanks
Children
  • Hi,

    BrianW said:
    Do you have a C code connection params setup example (like my setup code above, but that does the certificate setup as well?)

    You can look at how the __wifi_args_to_params() function is implemented in the shell code: https://github.com/nrfconnect/sdk-zephyr/blob/v4.0.99-ncs1/subsys/net/l2/wifi/wifi_shell.c#L777.

    The arguments in this shell command:

    wifi connect -s <SSID> -k 7 -a anon -K whatever -S 2 -w 2

    Corresponds to these parameters:

    params->security = WIFI_SECURITY_TYPE_EAP; // 7
    params->mfp = WIFI_MFP_REQUIRED; // 2
    params->anon_id = ANON_ID;
    params->aid_length = strlen(params->anon_id);
    params->key2_passwd = KEY2_PASSWD;
    params->key2_passwd_length = strlen(params->key2_passwd);
    params->suiteb_type = WIFI_SUITEB_192; // 2

    So, to get the same as the shell command, you should set the parameters like this in the code:

    static int __wifi_params_wpa2eap(struct wifi_connect_req_params *params)
    {
    
        params->timeout =  CONFIG_STA_CONN_TIMEOUT_SEC * MSEC_PER_SEC;
    
        if (params->timeout == 0) {
            params->timeout = SYS_FOREVER_MS;
        }
    
        /* Defaults */
        params->band = WIFI_FREQ_BAND_UNKNOWN;
        params->channel = WIFI_CHANNEL_ANY;
        params->security = WIFI_SECURITY_TYPE_EAP; // 7
        params->mfp = WIFI_MFP_REQUIRED; // 2
    
        /* SSID */
        params->ssid =STA_SSID;
        params->ssid_length = strlen(params->ssid);
    
        params->anon_id = ANON_ID;
    	params->aid_length = strlen(params->anon_id);
    	params->key2_passwd = KEY2_PASSWD;
    	params->key2_passwd_length = strlen(params->key2_passwd);
    	params->suiteb_type = WIFI_SUITEB_192; // 2
    
        return 0;
    }
    

    BrianW said:
    Do you mean in the shell sample?

    I mean changing the certificates at run time in general. The guide I linked explains how to install the certificates during compile time and run time. Support for installing the certificates was added in nRF Connect SDK v3.0.0. If you are using an older version, you need to follow the compile time guide.

    Best regards,
    Marte

  • So, to get the same as the shell command, you should set the parameters like this in the code:

    Great thanks! Indeed thats quite a different set of fields in the params structure from the code I had. I'll give that a go...

    I mean changing the certificates at run time in general. The guide I linked explains how to install the certificates during compile time and run time. Support for installing the certificates was added in nRF Connect SDK v3.0.0. If you are using an older version, you need to follow the compile time guide.

    Ok. I think in both cases they use this net_mgmt() command:

        struct wifi_enterprise_creds_params enterprise_creds_params={0};
        enterprise_creds_params.ca_cert = _ca_cert;
        enterprise_creds_params.ca_cert_len = sizeof(_ca_cert);
        enterprise_creds_params.client_cert = _client_cert;
        enterprise_creds_params.client_cert_len = sizeof(_client_cert);
        enterprise_creds_params.client_key = _client_key;
        enterprise_creds_params.client_key_len = sizeof(_client_key);
       
        int retreq = net_mgmt(NET_REQUEST_WIFI_ENTERPRISE_CREDS, iface, &enterprise_creds_params, sizeof(struct wifi_enterprise_creds_params));
        if (retreq!=0) {
            LOG_ERR("Failed to set Wi-Fi enterprise credentials: %d\n", retreq);
            return false;
        }
    The difference is just in where the data (in PEM format) for the different fields comes from - in this case its statically defined in the code, yes? This net_mgmt call to set the certificates is supported in 2.9 as well?
    thanks
     
  • Hi,

    BrianW said:
    Great thanks! Indeed thats quite a different set of fields in the params structure from the code I had. I'll give that a go...

    Let me know how it goes!

    BrianW said:
    The difference is just in where the data (in PEM format) for the different fields comes from - in this case its statically defined in the code, yes? This net_mgmt call to set the certificates is supported in 2.9 as well?
    thanks

    Correct. With run time, the certificates are provided using Wi-Fi shell, while with compile time, the certificates are, as the name states, included in the build at compile time.

    In both cases, the credentials are provided using the same method, i.e., the parameters you shared and calling the net_mgmt() command. The implementation is slightly different in v3.0.0 since the certificates can also be provided at run time, but the way they are provided is the same.

    Best regards,
    Marte

Related