Validating certificate wireless
I could conceivably build my own RADIUS server and intercept your user's AD credentials.
Not an ideal setup but your department will need to do the risk analysis.
When I click the drop down list for CA certificate I get nothing in the list (just N/A) Now I have the certificate (Thawte Premium Server CA.pem) and have moved it to my SD card, but it doesn't look like Android automatically detects it.
Where should I put the certificate so that the Android wireless manager recognizes it. My phone is not rooted EDIT: After doing some research it looks like you are able to install certificates by going to your phone's settings Install from SD card Unfortunately it looks like the only accepted file extension is .p12.
In other words, how can I import a CA certificate so that Android recognizes that it is on the phone and displays it in the CA Certificate drop down list. It does not look like there is a way to import or files (which are the only two files that come with the Thawte certificates) at this moment.
It does look like you can use a converter to convert your or files to .p12, however a key file is needed. In this article to (which is what you need on Android) conversion is given.
This is from the Free RADIUS documentation but I expect it is equal valid for the Microsoft implementation: In general, you should use self-signed certificates for 802.1x (EAP) authentication.Go to Security and find option something like this: install certificate from your SD card First install CA.crt, then usercert.p12 Go to wifi and make new connection, choose 802.1x EAP whatever and select your certificates for CA and for user certificate usercert.p12 in my case I entered username as well. After this, push the certificate into the "download folder of the Android device and use the "Install from SD Card" menu to install the certificate.A fundamental component of RADIUS is a client's validation of the RADIUS server's identity.You simply upload your PEM encoded (or .pem) file and then point your phone's browser to the link that is provided. So You can check whether your CA file binary or text very simple: open it with any text editors^ If there something like Or just ask your system administrator.Copy both and usercert.p12 to your SD card or send it by email (if you have an email client configured on Android, usually downloaded attachments are stored in Download folder, actually it does not matter). If you have a certificate in Text mode, which is the most common certificate format, convert it simply in "DER Binary" format.
Search for validating certificate wireless:
In order to enable the client to connect we have to add the network manually and un-check the "Validate server certificate" as shown in the screenshot below.