Configuring Wi-Fi TLS

To configure a Wi-Fi network using certificate-based authentication (EAP-TLS), administrators must first load the required private certificates into the device. This includes the CA certificate, the client certificate, and the associated private key. Certificates can be loaded either manually or via provisioning, using the following parameters:

security/device_certificate_url=

security/device_private_key_url=

security/ca_certificate/0/uri=

Once the certificates are loaded, the administrator can configure a secure Wi-Fi connection via the user interface under Wi-Fi menu > Add Network.

To use EAP-TLS for authentication, set the following parameters:

network/wireless/eap_method=TLS

network/wireless/ca_cert=

network/wireless/client_cert=

Example Configuration

Below is an example of the Wi-Fi parameters after configuration:

network/wireless/ssid=RAX10-2.4G-5G

network/wireless/security=802.1X_EAP

network/wireless/eap_method=TLS

network/wireless/phase2_method=NONE

network/wireless/ca_cert=SYSTEM

network/wireless/domain=Cisco

network/wireless/client_cert=USRPKEY_device_crt

network/wireless/identity=ipp