remove @EAP_LDFLAGS@, no longer exists

[mech_eap.orig] / libeap / wpa_supplicant / examples / openCryptoki.conf

diff --git a/libeap/wpa_supplicant/examples/openCryptoki.conf b/libeap/wpa_supplicant/examples/openCryptoki.conf
new file mode 100644 (file)
index 0000000..e2301a6
--- /dev/null
+++ b/libeap/wpa_supplicant/examples/openCryptoki.conf
@@ -0,0 +1,41 @@
+# EAP-TLS using private key and certificates via OpenSSL PKCS#11 engine and
+# openCryptoki (e.g., with TPM token)
+
+# This example uses following PKCS#11 objects:
+# $ pkcs11-tool --module /usr/lib/opencryptoki/libopencryptoki.so  -O -l
+# Please enter User PIN:
+# Private Key Object; RSA
+#   label:      rsakey
+#   ID:         04
+#   Usage:      decrypt, sign, unwrap
+# Certificate Object, type = X.509 cert
+#   label:      ca
+#   ID:         01
+# Certificate Object, type = X.509 cert
+#   label:      cert
+#   ID:         04
+
+# Configure OpenSSL to load the PKCS#11 engine and openCryptoki module
+pkcs11_engine_path=/usr/lib/engines/engine_pkcs11.so
+pkcs11_module_path=/usr/lib/opencryptoki/libopencryptoki.so
+
+network={
+       ssid="test network"
+       key_mgmt=WPA-EAP
+       eap=TLS
+       identity="User"
+
+       # use OpenSSL PKCS#11 engine for this network
+       engine=1
+       engine_id="pkcs11"
+
+       # select the private key and certificates based on ID (see pkcs11-tool
+       # output above)
+       key_id="4"
+       cert_id="4"
+       ca_cert_id="1"
+
+       # set the PIN code; leave this out to configure the PIN to be requested
+       # interactively when needed (e.g., via wpa_gui or wpa_cli)
+       pin="123456"
+}