Upstream/esphome-docs
1
0
Fork 0
mirror of https://github.com/esphome/esphome-docs.git synced 2024-12-26 17:27:47 +01:00
Code Issues Projects Releases Wiki Activity

Add documentation for new WPA2-EAP authentication. (#633)

Browse Source
This commit is contained in:
Tom Price 2020-07-10 01:35:51 +01:00 committed by GitHub
parent a3c3dbcbea
commit f7c7f284a0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 47 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
components/wifi.rst
View File

@ -165,6 +165,7 @@ Configuration variables:
- **ssid** (*Optional*, string): The SSID or WiFi network name.
- **password** (*Optional*, string): The password to use for authentication. Leave empty for no password.
- **eap** (*Optional*): See :ref:`eap`.
- **channel** (*Optional*, int): The channel of the network (1-14). If given, only connects to networks
that are on this channel.
- **bssid** (*Optional*, string): Optionally define a BSSID (MAC-Address) of the network to connect to.
@ -175,6 +176,52 @@ Configuration variables:
the highest priority is chosen. If the connection fails, the priority is decreased by one.
Defaults to ``0``.
.. _eap:
Enterprise Authentication
-------------------------
WPA2_EAP Enterprise Authentication is supported on ESP32s.
In order to configure this feature you must use the :ref:`wifi-networks` style configuration.
The ESP32 is known to work with PEAP, EAP-TTLS, and the certificate based EAP-TLS.
These are advanced settings and you will usually need to consult your enterprise network administrator.
.. code-block:: yaml
# Example EAP configuration
wifi:
networks:
- ssid: EAP-TTLS_EnterpriseNetwork
eap:
username: bob
password: VerySafePassword
- ssid: EAP-TLS_EnterpriseNetwork
eap:
certificate_authority: |
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
certificate: |
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
key: |
-----BEGIN PRIVATE KEY-----
...
-----END PRIVATE KEY-----
Configuration variables:
- **identity** (*Optional*, string): The outer identity to pass to the EAP authentication server.
This is required for EAP-TLS.
- **username** (*Optional*, string): The username to present to the authenticating server.
- **password** (*Optional*, string): The password to present to the authentication server.
For EAP-TLS this password may be set to decrypt to private key instead.
- **certificate_authority** (*Optional*, block): A PEM encoded certificate to use when validating the authentication server.
- **certificate** (*Optional*, block): A PEM encoded certificate to use for EAP-TLS authentication.
- **key** (*Optional*, block): A PEM encoded private key matching ``certificate`` for EAP-TLS authentication.
Optionally encrypted with ``password``.
.. _wifi-connected_condition:
``wifi.connected`` Condition