[SOLVED] touchpad 802.11X enterprise+certificate wifi connectivity

---

One of the corner cases it seems HP did not design into webOS is the ability to auto negotiate a full 802.11X connection. I managed to fix this though and my touchpad is happily connected to our office wi-fi and I figure anyone else trying this might want to check out the workaround I managed.

When I attempted to configure my touchpad to connect to an office/enterprise access point, I hit a brick wall where after completing all the required steps. It was able to use the current user credentials and get to the access point itself, but failed out with a "warning, no certificate is found for this network, please contact your network administrator" type of message.

Well of course no one in our IT group had ever so much as seen WebOS and ultimately I was left to fend for myself.

The goal here is to successfully transfer the (normally auto-retrieved) 802.11X signing certificate to the touchpad so that it can properly connect to your corporate/enterprise wireless network. On other devices such as android this seems to all be automated, but on the touchpad a significant amount of manual arm-wringing was needed to get it to all work together.

Step 1: Getting a root security certificate for your company.

There are a few guides out there for various operating systems/devices which you can use. Since my office machine was windows 7, thats what I have direct experience with.

Win7 Has a built in certificate management tool, but it is not listed in any of the menus. To get to it, enter certmgr.msc into the run panel and it will open up this handy dandy little tool.

Once you have that tool open, look into the root certificate authority folder and find your company's enterprise certificate. Hopefully it will be fairly easy to spot, i.e. if you work at company with domain X, you should see something like "X Enterprise CA".

Right click this certificate and select "All Tasks->Export" which will bring up a wizard with a few different certificate formats. After much trial and error, I found that the only one the touchpad seemed to natively understand was the "Base-64 encoded X.509". Finish the export with a file name and you can find it in your default user folder.

Step 2: Transfer this file to your touchpad

This one is a no brainer, just connect the touchpad via usb to your machine where you have this file, and drag it over.

Step 3: Importing the new certificate

All you need here is any webos file manager capable of opening a file. I used Gemini File Manager, but several free ones are also available and should work.

Open the file manager app on your touchpad, and run that certificate file. This will open a certificate manager tool on the touchpad and prompt you to trust this new certificate. Once you select to trust it, it will be brought into the system and available to use for 802.11x authentication.

Step 4: Connecting to the network

At this point all you should have to do is connect to the office wireless that was giving you trouble before, and now after giving all your authentication info it should successfully connect and offer full connectivity


It seems a little convoluted but it is awfully nice to have the touchpad be fully on-line and available around the office and you only have to do it the one time, successive connections should all just work.

I've tried this at my University, but it doesn't work for my exact situation. Hopefully it will work for others too. Kudos for figuring it out! As for me, apparently WPA2 Enterprise PEAP MSCHAPV2 is a no go until the WebOS team will update/fix it....

I managed to get connected to my MS corp wireless, but will actually see if I have network connectivity a bit later (and update this thread).

its given me full connectivity here (I'm writing this on my touchpad on the enterprise WiFi right now). Its also worked for several other people here lucky enough to score one as well.

the biggest sticking point was getting the right certificate in the right (touchpad working ) format. Once I managed to get that file simply sending it around helped everyone else here get going in a couple minutes vs a couple hours it took when I was trying to sort it all out.

We use 802.1x at work without server certs. Just peap and mschap v2. I haven't had any luck connecting though. Anyone else been able to?

Looks like PEAP support is a major sticking point.

There's a tutorial here: http://www.webos-internals.org/wiki/Advanced_Wifi
(I changed some of the script as per the thread I got the link from here: http://forums.precentral.net/hp-touc...se-802-1x.html)

I tracked down the ARM wpa_supplicant package here: http://packages.debian.org/squeeze/a...icant/download

And the libreadline.so.6 package here:
http://packages.debian.org/squeeze/a...line6/download

.DEB packages just have .TAR files inside them so I extracted what I needed using 7Zip and used WebOSQuickInstall to copy the files to the TP.

Even after following the other directions though, I consistantly get an error saying:
Failed to connect to wpa_supplicant - wpa_ctrl_open: No such file or directory

Not having much luck...

what's odd is our network looks like it does have peap set but with this certificate its working on the touchpad just fine.

it uses our exchange login info with a slightly off domain but even that has not thrown it.

The exact network configuration visible in the windows properties for the wireless link here is as follows:

Security: WPA2-Enterprise
Encryption: AES
Network Authentication: PEAP
Validate Server Certificate
Secured Password (EAP-MSCHAPv2) (Automatically use windows login/pass/domain)
Fast Reconnect

I haven't had luck with anything so far.

Is anyone willing to make a patch to fix the MSCHAPv2 problems? I'm willing to donate to your cause if I can my TouchPad to connect to my school's wireless, as it's essentially useless right now.

The network here uses WPA-Enterprise (not WPA2), and PEAP with password authentication only (no cert needed - as far as I'm aware it doesn't issue one to the phone).

I managed to get the TP to say "no network with that name and security method" found when I had the protocol set to IEEE801X, it doesn't do it when I set it to WPA-EAP though.

Essentially, using (what I believe to be) the exact same settings that work with my SGS2, doesn't work with the TouchPad.

It looks like at best the enterprise stuff is kinda half baked. If you need a certificate, webos is capable of *using* one, but not generating it. If its non certificate based, it seems to just fail out entirely.

Have you guys who are having the failures had luck with other devices like laptops etc? if so, what are the settings used to establish that successful connection? It seems like the touchpads are *capable* of mantaining peap/mschapv2 connections, as that is the setup my office uses, but for some reason without the certificate requirement it just is glitching out and won't establish the connection in the first place