EAP TLS certificates - Questions
work vlpl
thework.vlpl at gmail.com
Thu Dec 16 20:16:08 CET 2021
I do not see an option on my Android device to configure FQDN
manually, but you can create a profile for Android and install it.
Check this page
https://source.android.com/devices/tech/connect/wifi-passpoint you
will find an xml example of profile.
Android 11 by documentation should use node AAAServerTrustedNames,
maybe this works on Pixel or other devices that use stock Android. My
device from Samsung uses this xml node to check CN in radius server
certificate.
<Node>
<NodeName>FQDN</NodeName>
<Value>hotspot.example.net</Value>
</Node>
Android < 11 also uses FQDN node to check CN
On Thu, 16 Dec 2021 at 22:57, Elias Pereira <empbilly at gmail.com> wrote:
>
> The problem is this new android 11 rule that requires us to put
> the domain in the EAP-TLS configuration. It's a pain in the ass!
>
More information about the Freeradius-Users
mailing list