Upstream/esphome-docs
1
0
Fork 0
mirror of https://github.com/esphome/esphome-docs.git synced 2024-12-27 17:37:45 +01:00
Code Issues Projects Releases Wiki Activity

Add documentation for new WPA2-EAP authentication. (#633)

Browse Source
This commit is contained in:
Tom Price 2020-07-10 01:35:51 +01:00 committed by GitHub
parent a3c3dbcbea
commit f7c7f284a0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 47 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
components/wifi.rst
View File

@ -165,6 +165,7 @@ Configuration variables:
- **ssid** (*Optional*, string): The SSID or WiFi network name. - **ssid** (*Optional*, string): The SSID or WiFi network name.
- **password** (*Optional*, string): The password to use for authentication. Leave empty for no password. - **password** (*Optional*, string): The password to use for authentication. Leave empty for no password.
- **eap** (*Optional*): See :ref:`eap`.
- **channel** (*Optional*, int): The channel of the network (1-14). If given, only connects to networks - **channel** (*Optional*, int): The channel of the network (1-14). If given, only connects to networks
that are on this channel. that are on this channel.
- **bssid** (*Optional*, string): Optionally define a BSSID (MAC-Address) of the network to connect to. - **bssid** (*Optional*, string): Optionally define a BSSID (MAC-Address) of the network to connect to.
@ -175,6 +176,52 @@ Configuration variables:
the highest priority is chosen. If the connection fails, the priority is decreased by one. the highest priority is chosen. If the connection fails, the priority is decreased by one.
Defaults to ``0``. Defaults to ``0``.
.. _eap:
Enterprise Authentication
-------------------------
WPA2_EAP Enterprise Authentication is supported on ESP32s.
In order to configure this feature you must use the :ref:`wifi-networks` style configuration.
The ESP32 is known to work with PEAP, EAP-TTLS, and the certificate based EAP-TLS.
These are advanced settings and you will usually need to consult your enterprise network administrator.
.. code-block:: yaml
# Example EAP configuration
wifi:
networks:
- ssid: EAP-TTLS_EnterpriseNetwork
eap:
username: bob
password: VerySafePassword
- ssid: EAP-TLS_EnterpriseNetwork
eap:
certificate_authority: |
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
certificate: |
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
key: |
-----BEGIN PRIVATE KEY-----
...
-----END PRIVATE KEY-----
Configuration variables:
- **identity** (*Optional*, string): The outer identity to pass to the EAP authentication server.
This is required for EAP-TLS.
- **username** (*Optional*, string): The username to present to the authenticating server.
- **password** (*Optional*, string): The password to present to the authentication server.
For EAP-TLS this password may be set to decrypt to private key instead.
- **certificate_authority** (*Optional*, block): A PEM encoded certificate to use when validating the authentication server.
- **certificate** (*Optional*, block): A PEM encoded certificate to use for EAP-TLS authentication.
- **key** (*Optional*, block): A PEM encoded private key matching ``certificate`` for EAP-TLS authentication.
Optionally encrypted with ``password``.
.. _wifi-connected_condition: .. _wifi-connected_condition:
``wifi.connected`` Condition ``wifi.connected`` Condition