Solution
Add a custom code to the config-init.brs script, in the scripts folder, to apply the WPA enterprise username and password. If there is no config-init.brs in the Scripts folder, copy the config-init.brs from the example folder and move it to the Scripts folder.
- Add username (A domain isn't mandatory in username field)
- Add Password
- Add location of certificate file on storage (if one is required)
Note: The below example was provided by the BrightSign support team. Usernames and passwords in the scripts have been replaced by generic text.
*Config.init file provided → Observe the following config-init.brs file: config-init.brs (downloadable file).
| Sub Main() setupParams = {} setupParams.setupEthernet = true setupParams.ethernetParams = {} setupParams.ethernetParams.useDHCP = false setupParams.ethernetParams.timeServer = "time.micorsoft.com" setupParams.setupWireless = false setupParams.wirelessParams = {} ' enter SSID, passphrase below setupParams.wirelessParams.useDHCP = true setupParams.wirelessParams.timeServer = "time.micorsoft.com" ncz = CreateObject("roSystemTime") End Sub
Sub setupNetwork(setupParams As Object) if type(setupParams.setupEthernet) = "roBoolean" and setupParams.setupEthernet and type(setupParams.ethernetParams) = "roAssociativeArray" then ConfigureNetwork(nc, setupParams.ethernetParams) if type(setupParams.setupWireless) = "roBoolean" and setupParams.setupWireless and type(setupParams.wirelessParams) = "roAssociativeArray" then End Sub
if type(networkingParameters.ssid) = "roString" then if networkingParameters.useDHCP then nc.SetRoutingMetric(-1) nc.SetTimeServer(networkingParameters.timeServer) nc.SetWiFiIdentity(user) ok = nc.Apply() End Sub
|
|---|
In BA:connected (aka. BSN Cloud)
Network Authentication: Use this section to configure the player for WPA Enterprise authentication.
- Enable 802.1X Authentication / Enable WPA Enterprise Authentication: Check this box to enable authentication via 802.1x (for wired) or WPA Enterprise Authentication (for wireless).
- Choose Network Authentication Variant: Choose one of the following:
- EAP-TLS: This authentication variant requires a client certificate and private key, which can be provided with one of the following certificate types:
- PKCS#12: The client certificate and private key are both provided in a single PKCS#12 formatted file (usually with a .p12 file extension). Click the first Browse button to locate the certificate file.
- X.509 PEM/DER: The client certificate is provided as a X.509 certificate (using PEM or DER encoding), and the key is encoded separately. Use the first Browse button to locate the X.509 certificate and the second Browse button to locate the PEM/DER key.
- PEAP/MSCHAPv2: This authentication variant requires a Username (i.e. identity) and Passphrase. For this method to work, the server must be configured to accept a username/password scheme in lieu of a client certificate.
- EAP-TLS: This authentication variant requires a client certificate and private key, which can be provided with one of the following certificate types:
- Press Browse to locate additional CA Certificate: If the authentication scheme requires additional PEM/DER CA certificates (for example, if the CA hierarchy requires intermediate certificates and the server does not supply them), click the Browse button to locate the certificate file.
