Private keys are used to authenticate the connecting client to the network when EAP-TLS is used as either the "phase 1" or "phase 2" 802.1x authentication method.
This function reads a private key from disk and sets the NMSetting8021x:phase2-private-key property with the private key file data if using the BLOB scheme, or with the path to the private key file if using the PATH scheme.
If password is given, this function attempts to decrypt the private key to verify that password is correct, and if it is, updates the phase2_private_key_password property with the given password. If the decryption is unsuccessful, false is returned, error is set, and no internal data is changed. If no password is given, the private key is assumed to be valid, no decryption is performed, and the password may be set at a later time.
WARNING: the "phase2" private key property is not a "secret" property, and thus unencrypted private key data using the BLOB scheme may be readable by unprivileged users. Private keys should always be encrypted with a private key password to prevent unauthorized access to unencrypted private key data.
| Parameter | Description |
|---|---|
| this | the Setting8021x |
| key_path | when |
| password | password used to decrypt the private key, or |
| scheme | desired storage scheme for the private key |
| out_format | on successful return, the type of the private key added |
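The warning above implies a pre-flight check before a key file is handed to this function: confirm that the file is actually password-encrypted. The following is an added example, not code from libnm or from this documentation. It assumes the key is PEM text; the function names, the verdict strings and the use of plain "BLOB"/"PATH" strings for the scheme are hypothetical.

```python
import re

# BEGIN line of a PEM private-key block; group 1 is the label.
_BEGIN = re.compile(r"-----BEGIN ((?:[A-Z0-9]+ )*PRIVATE KEY)-----")
# RFC 1421-style header that OpenSSL writes on encrypted traditional keys.
_PROC_TYPE = re.compile(r"^Proc-Type:\s*4,\s*ENCRYPTED\s*$", re.MULTILINE)

def classify_pem_key(text):
    """Return 'encrypted', 'unencrypted' or 'unknown' for PEM key text."""
    m = _BEGIN.search(text)
    if m is None:
        return "unknown"                      # not a PEM private key
    label = m.group(1)
    end = text.find("-----END %s-----" % label, m.end())
    if end == -1:
        return "unknown"                      # truncated block
    if label == "ENCRYPTED PRIVATE KEY":      # PKCS#8, always encrypted
        return "encrypted"
    if label == "PRIVATE KEY":                # PKCS#8, never encrypted
        return "unencrypted"
    if label in ("RSA PRIVATE KEY", "EC PRIVATE KEY", "DSA PRIVATE KEY"):
        body = text[m.end():end]
        return "encrypted" if _PROC_TYPE.search(body) else "unencrypted"
    return "unknown"                          # label this check does not cover

def verdict(text, scheme):
    """Hypothetical policy: scheme is the string 'BLOB' or 'PATH'."""
    state = classify_pem_key(text)
    if state == "encrypted":
        return "ok"
    if state == "unencrypted":
        # With BLOB the key bytes themselves land in the non-secret property.
        return "reject" if scheme == "BLOB" else "warn"
    return "unknown"

# Constructed samples: the base64 bodies are placeholders, not key material.
PKCS8_PLAIN = "-----BEGIN PRIVATE KEY-----\nY29uc3RydWN0ZWQ=\n-----END PRIVATE KEY-----\n"
PKCS8_ENC = ("-----BEGIN ENCRYPTED PRIVATE KEY-----\nY29uc3RydWN0ZWQ=\n"
             "-----END ENCRYPTED PRIVATE KEY-----\n")
LEGACY_ENC = ("-----BEGIN RSA PRIVATE KEY-----\nProc-Type: 4,ENCRYPTED\n"
              "DEK-Info: AES-256-CBC,00112233445566778899AABBCCDDEEFF\n\n"
              "Y29uc3RydWN0ZWQ=\n-----END RSA PRIVATE KEY-----\n")
LEGACY_PLAIN = "-----BEGIN EC PRIVATE KEY-----\nY29uc3RydWN0ZWQ=\n-----END EC PRIVATE KEY-----\n"

if __name__ == "__main__":
    for name in ("PKCS8_PLAIN", "PKCS8_ENC", "LEGACY_ENC", "LEGACY_PLAIN"):
        print(name, verdict(globals()[name], "BLOB"))
```

A verdict of "ok" only means the file is marked as encrypted; passing the password to the function is still what verifies that the key decrypts.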