This blog post demonstrates how to use Enterprise security protocols in WICED SDK with FreeRADIUS server. This was tested on WICED version Wiced_006.000.001.005, FreeRADIUS version 2.2.9 and ThreadX-NetX_Duo.
Ensure that you have installed freeRADIUS in your Linux PC. Log in to the system as root.
In the Linux PC, open raddb/users file and create username and password for 802.1X authentication.
Open raddb/clients.conf and add the IP address of access point which is the RADIUS client for Freeradius and shared secret. This will be used in AP configuration.
Place your root CA (Certificate Authority) and server certificates along with server private key raddb/certs folder. The same CA shall be used in /libraries/utilities/command_console/wifi/certificate.h.
Modify the raddb/eap.conf file to include the correct filenames of server private key, server certificate and CA as well as the correct certificate and CA directory. The default certificate directory is raddb/certs.
Configure the AP to include the radius server IP address and shared secret configured in clients.conf.
Write the command radiusd -X. If configuration settings are correct, you will see “Ready to process requests” in the end.
Follow the instructions in the WICED path doc/WICED-Enterprise-Security-User-Guide.pdf to configure your WICED device for enterprise security connection.