3
0
mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git synced 2024-11-26 02:19:26 +01:00

doc: Update EAP-TLS client key setting information

This commit is contained in:
Andrew Zaborowski 2021-01-25 18:56:15 +01:00 committed by Denis Kenzior
parent a55f8864d2
commit d6e99c1197

View File

@ -211,20 +211,27 @@ authentication configuration.
* - EAP-TLS-ClientCert
- absolute file path or embedded pem
Path to a PEM-formatted client X.509 certificate or certificate chain
to send on server request.
Path to the client X.509 certificate or certificate chain to send on
server request.
* - EAP-TLS-ClientKey
- absolute file path or embedded pem
Path to a PEM-formatted client PKCS#8 private key corresponding to the
public key provided in *EAP-TLS-ClientCert*.
Path to the client private key corresponding to the public key provided
in *EAP-TLS-ClientCert*. The recommended format is PKCS#8 PEM.
* - EAP-TLS-ClientKeyBundle
- absolute file path
As an alternative to *EAP-TLS-ClientCert* and *EAP-TLS-ClientKey* IWD
can load both the certificate and the private key from a container file
pointed by this setting. The recommended format is PKCS#12 when this
is used.
* - | EAP-TLS-
| ClientKeyPassphrase
- string
Decryption key for the client private key file. This is used if the
private key given by *EAP-TLS-ClientKey* is encrypted. If not provided,
then the agent is asked for the passphrase at connection time.
Decryption key for the client key files. This should be used if the
certificate or the private key in the files mentioned above is encrypted.
When not given, the agent is asked for the passphrase at connection time.
* - | EAP-TLS-ServerDomainMask,
| EAP-TTLS-ServerDomainMask,
| EAP-PEAP-ServerDomainMask