@Thiago: I think adding a CA certificate to a Freeradius instance to please Android 11 is not an easy task ! Saying this, I don't blame Freeradius at all for this (far from it, as Freeradius includes a quite exhaustive doc (see raddb/certs/README.md) and integrate various tools (make, bootstrap, ...)) but as I recently discovered, issues can also come from either Android device or from the device config/usage. When there is an issue, it's not easy to spot where it comes from and what to change (the device software, its config or your Freeradius config). The ideal situation would be to have a working reference for all involved elements (Android device (soft+config), Wifi AP, Freeradius (software+config), CA Cert) and then only change one element at a time in this working reference until this it matches your target config. If you ever meet success adding a LetsEncrypt cert, I would be very curious to know some of your config details. I wish you the best luck in your testings. Le mer. 29 juin 2022 à 15:29, Alan DeKok <aland@deployingradius.com> a écrit :
On Jun 29, 2022, at 9:21 AM, Thiago Martins via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
One of my users has an Android 11 smartphone and it no longer let you insecurely connect to enterprise WiFi networks. In the option "CA certificate" There is no "Do not validate" option. So I'm looking for a solution. How can I create a certificate for this user? My Freeradius server is running on linux.
Read raddb/certs/README.md
Or, get a "letsencrypt" certificate, and use that.
Alan DeKok.
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html