Getting a Raspberry Pi on Worcester Polytechnic Institute (WPI) WiFi (WPA-EAP)

The following is a very specific guide and like all guides of this nature written by me it is mostly for my benefit so I can come back to it later. It is a modification of this guide written by Campus IT.  If you have any suggestions to improve anything, PLEASE shoot me an email or leave me a comment below.

I will be connecting my Raspberry Pi Model B+ running the latest build of Raspbian using the Edimax EW-7811Un WiFi dongle to this kind of network (From Campus IT):

Specifically, WPI requires 802.1x EAP-TLS certificate based authentication. This is sometimes referred to as WPA Enterprise

Having an internet connection will make doing this much much easier. In fact, if all you need to do is share your laptops WiFi with the Pi over the Ethernet port on your laptop that is quite easy (For WPI people please note that this is a violation of the networks’ acceptable use policy). For windows 8.1:

First, we will have to enable sharing our Wi-Fi through the Ethernet ports of our computer.

Open the Network and Sharing center on your computer. It is found under Control Panel->Network and Internet->Network and Sharing Center.
Next, click on “change adapter settings.”
Right click on your Wi-Fi, and select “Properties.” You will most likely need to be an administrator for this step.
Click on the “Sharing” tab.
Check the “Allow other network users to connect through this computer’s Internet connection” checkbox.
Hit OK to close this window.
Next, we will connect to the raspberry Pi over our Ethernet cable.

Open up cmd. Type “ping” into the command line. Do not use any quotes when you type in this command.
Take note of this IP address. You can connect to the Pi through Putty using that IP address.

If you’re using a fresh install, make sure you set the Pi’s internal time to the proper time using raspi-config. It’s under internationalization options.

You will then need to register the MAC address

Next we need to acquire the proper certificates.

Campus IT has already created a good tutorial for doing this found here. You’ll want two get two certificates seen here:

Move those two documents onto the Pi as well. I’m using

as the location for my certificates for the sake of this tutorial.

From there you’ll have to convert the ‘certificate.p12’ document to a .pem format with OpenSSL. OpenSSL is installed by default in Raspian. Do this with the following command:

Enter the password for the NETWORK when prompted. We now have 3 certificate files. The CA-.pem, certificate.p12 and certificate.pem all located in the /home/pi/certs directory on the pi.

Next we have to disable all the default wifi settings that come with Raspian. Do this by changing your /etc/network/interfaces file to the following:

Doing this stops the Pi from trying to use the wlan0 device at boot and will allow us to use it directly.

Now we must configure wpa_supplicants. It doesn’t really matter where you put the configuration file, but the raspberry pi places it by default here:

Edit the file to look like the following. Note that things you WILL have to change are marked with []’s. Also note that this config places all 3 certs in that directory I’ve mentioned a few times.

I found that in an example configuration of wpa_supplicant.conf specifically notes the need of a .pem file for the client cert, thus the conversion.

We’re pretty much done, all we need to do is add a few steps to the boot process to start the whole process each time the device boots. We can use crontab or /etc/rc.local (thanks Greg Tighe) to accomplish this.

With Crontab:

Add the two lines to the file:

or edit /etc/rc.local to contain:

And reboot your pi! Everything should connect and work.