Connman uses configuration files to provision existing services. Connman will
be looking for its configuration files at STORAGEDIR which by default points
-to /var/lib/connman/. Configuration file names should follow the *.config
-pattern.
+to /var/lib/connman/. Configuration file names must not include other
+characters than letters or numbers and must have a .config suffix.
Those configuration files are text files with a simple format and we typically
have one file per provisioned network.
The 2 allowed fields for that entry are:
- Name: Name of the network.
- Description: Description of the network.
+- Protected: Configuration protection against being removed, modified or
+overwritten by a Manager.ProvisionService() call. If unset, this value defaults
+to TRUE, i.e. configs are protected by default.
Service entry [service_*]
Allowed fields:
- Type: Service type. We currently only support wifi.
- SSID: An hexadecimal or a string representation of a 802.11 SSID.
-- EAP: EAP type. We currently only support tls or peap.
+- EAP: EAP type. We currently only support tls, ttls or peap.
- CACertFile: File path to CA certificate file (PEM/DER).
- ClientCertFile: File path to client certificate file (PEM/DER).
- PrivateKeyFile: File path to client private key file (PEM/DER/PFX).
passphrase. The PrivateKeyPassphrase field is ignored when this field is set
to fsid.
- Identity: Identity string for EAP.
-- Phase2: Phase2 (inner authentication with TLS tunnel) parameters.
+- Phase2: Phase2 (inner authentication with TLS tunnel) authentication method.
+Prefix the value with "EAP-" to indicate the usage of an EAP-based inner
+authentication method (should only be used with EAP = TTLS).
- Passphrase: RSN/WPA/WPA2 Passphrase
Example
=======
-This is a configuration file for a network providing both EAP-TLS and
+This is a configuration file for a network providing EAP-TLS, EAP-TTLS and
EAP-PEAP services.
-The respective SSIDs are tls_ssid and peap_ssid and the file name is
-example.config.
+The respective SSIDs are tls_ssid, ttls_ssid and peap_ssid and the file name
+is example.config.
+Please note that the SSID entry is for hexadecimal encoded SSID (e.g. "SSID =
+746c735f73736964"). If your SSID does not contain any exotic character then
+you should use the Name entry instead (e.g. "Name = tls_ssid").
+
example@example:[~]$ cat /var/lib/connman/example.config
[global]
PrivateKeyPassphraseType = fsid
Identity = user
+[service_ttls]
+Type = wifi
+Name = ttls_ssid
+EAP = ttls
+CACertFile = /home/user/.cert/ca.pem
+Phase2 = MSCHAPV2
+Identity = user
+
[service_peap]
Type = wifi
-SSID = peap_ssid
+Name = peap_ssid
EAP = peap
-CACert = /home/user/.cert/ca.pem
+CACertFile = /home/user/.cert/ca.pem
Phase2 = MSCHAPV2
Identity = user