Comment 2 for bug 2016625

Ok, I think I see what's going on.

The keyfile created by Network Manager has the following configuration:

[802-1x]
eap=peap;

When we parse the keyfile to emit Netplan YAML, this setting will become:

networkmanager:
  passthrough:
    802-1x.eap: "peap;"

Because it's a "networkmanager.passthrough" setting, we don't really interpret it. And because of that, the authentication method will be NETPLAN_AUTH_EAP_NONE in the Netplan state.

As we check if the method is not NONE, we end up not writing the auth parameters to the keyfile: https://github.com/canonical/netplan/blob/main/src/nm.c#L450

Adding the key "auth.method:"peap" to the YAML file manually will make Netplan emit the auth configuration:

 [wifi-security]
 key-mgmt=wpa-eap
-psk=testing123

 [802-1x]
-#Netplan: passthrough setting
+#Netplan: passthrough override
 eap=peap;
+<email address hidden>
+password=testing123
+ca-cert=/user/.config/cat_installer/ca.pem
+phase2-auth=mschapv2

The reason we are not properly parsing the method appears to be the trailing ";" in the configuration emitted by Network Manager. The field is a list of string separated by ";" but we currently parse it as only one scalar value.

Because of the ";", we don't find the proper method and this setting end up in the passthrough block: https://github.com/canonical/netplan/blob/main/src/parse-nm.c#L358