How create CA certificate for a linux based freeradius server?

Thiago Martins thiagomartins at
Thu Jun 30 16:40:30 UTC 2022

Hi Guys,

I followed all instructions and now I'm able to generate certificates.
Thank you all.
I'm not very pleased about it so we're are trying to create a simple
android app to manage the connection parameters using the following

It was a suggestion in this article:

Thank you again!

Em qua., 29 de jun. de 2022 às 12:05, Olivier <oza.4h07 at> escreveu:
> @Thiago:
> I think adding a CA certificate to a Freeradius instance to please
> Android 11 is not an easy task !
> Saying this, I don't blame Freeradius at all for this (far from it, as
> Freeradius includes a quite exhaustive doc (see raddb/certs/
> and integrate various tools (make, bootstrap, ...)) but as I recently
> discovered, issues can also come from either Android device or from
> the device config/usage.
> When there is an issue, it's not easy to spot where it comes from and
> what to change (the device software, its config or your Freeradius
> config).
> The ideal situation would be to have a working reference for all
> involved elements (Android device (soft+config), Wifi AP, Freeradius
> (software+config), CA Cert) and then only change one element  at a
> time in this working reference until this it matches your target
> config.
> If you ever meet success adding a LetsEncrypt cert, I would be very
> curious to know some of your config details.
> I wish you the best luck in your testings.
> Le mer. 29 juin 2022 à 15:29, Alan DeKok <aland at> a écrit :
> >
> > On Jun 29, 2022, at 9:21 AM, Thiago Martins via Freeradius-Users <freeradius-users at> wrote:
> > > One of my users has an Android 11 smartphone and it no longer let you
> > > insecurely connect to enterprise WiFi networks. In the option "CA
> > > certificate" There is no "Do not validate" option. So I'm looking for
> > > a solution. How can I create a certificate for this user? My
> > > Freeradius server is running on linux.
> >
> >   Read raddb/certs/
> >
> >   Or, get a "letsencrypt" certificate, and use that.
> >
> >   Alan DeKok.
> >
> > -
> > List info/subscribe/unsubscribe? See
> -
> List info/subscribe/unsubscribe? See


Thiago M



Esta mensagem é endereçada exclusivamente ao seu destinatário e poderá 
conter informações confidenciais. 
O uso não autorizado de tais informações 
é proibido e estará sujeito às penalidades cabíveis. 
*This message is 
intended exclusively for its addressee and may contain information that is 
confidential. *
*Unauthorized use of such information is prohibited and 
subject to applicable penalties.*

More information about the Freeradius-Users mailing list