Comment 12 for bug 290285

I can confirm that encrypting the key fixes the problem. It doesn't matter whether the certificates/key are in PEM or DER format. If the key is encrypted, and the correct password is inputted, the connect button lights up and becomes usable.

However, that doesn't fix the fact that network-manager is largely useless for 802.1x. With PEAPv0/MSCHAPv2 I was able to connect about 50% of the time. The rest of the time, the freeradius debug log showed that no attempt was even made to connect. With EAP-TLS, I see the same behavior, but even when the freeradius log shows a successful connection, network manager refuses to connect and doesn't output any errors!

I am able to connect 100% of the time with either the Windows XP supplicant or Juniper's Odyssey Access client. This is clearly a network-manager issue. Hopefully, wpa-supplicant will be more reliable.