With wpad-openssl, OpenWRT routers can connect to 802.1x WiFi (WPA-Enterprise).
In my case the WiFi provider is using some old encryption method, I have to add phase1="allow_unsafe_renegotiation=1" in wpa_supplicant.conf manually, otherwise the certification would fail.
However, it seems that UCI / LuCI cannot manage the connection created by editing wpa_supplicant.conf directly, thus this method is useless.
I'm asking: How to set phase1="allow_unsafe_renegotiation=1" using UCI / LuCI?
P.S. Options provided by UCI / LuCI are listed as follows. No phase 1 option.
| Name | Default | Description |
|---|---|---|
| eap_type | (none) | Defines the EAP protocol, possible values are tls for EAP-TLS and peap or ttls for EAP-PEAP |
| auth | MSCHAPV2 | “auth=PAP”/PAP/MSCHAPV2 - Defines the phase 2 (inner) authentication method, only applicable if eap_type is peap or ttls |
| identity | (none) | EAP identity to send during authentication |
| password | (none) | Password to send during EAP authentication |
| ca_cert | (none) | Specifies the path the CA certificate used for authentication |
| client_cert | (none) | Specifies the client certificate used for the authentication |
| priv_key | (none) | Specifies the path to the private key file used for authentication, only applicable if eap_type is set to tls |
| priv_key_pwd | (none) | Password to unlock the private key file, only works in conjunction with priv_key |
