I decided to write this article because I spent a few hours trying to force Android 11 to cooperate with
WPA2-Enterprise EAP-TLS accesspoint because as we know in Android 11 was a change which forces to fill in
domain name parameter and if you used prevoiusly in Android 10 EAP-TLS with Freeradius 3.0 in which domain name
was empty then you will have a problem. I had a situtaion in which after upgrade to Android 11 connection
to WPA2-Enterprise still worked because the configuration was saved by Android 10 and used by Android 11.
But after removing old config and trying to re-add it you have an issue.
In the internet I could read, that the CN field from CA cert is compared but this is not true and actually you have to update CN field from server crt.
I assume that you use certificates from /etc/freeradius/3.0/cert directory in your configuration. Here are the steps to configure Freeradius for Android 11
Have fun.
In the internet I could read, that the CN field from CA cert is compared but this is not true and actually you have to update CN field from server crt.
I assume that you use certificates from /etc/freeradius/3.0/cert directory in your configuration. Here are the steps to configure Freeradius for Android 11
- Login as root to console on Freeradius server.
- cd /etc/freeradius/3.0/certs
- delete all server.* files with exception of server.cnf
- nano server.cnf and go to the end where commonName property is defined and put there your domain name for example kalamlacki.eu then save and exit
- execute commnad make server
- chown freerad.freerad server.*
- systemctl restart freeradius
Have fun.