Configuring a wireless network on Android. There are no default certificates, and no easy way to add them.
Feel free to go straight to the tool.
Recently I switched to Verizon and was immediately drawn to the Motorolla Droid. It is my first smartphone and I must say, it is magnificent! Besides a few hardware concerns (flat keyboard being the major complaint), it is the best phone I’ve ever owned.
One of the reasons I got a Droid, rather than only using my Zune HD, is because it can connect to WPA-Enterprise networks using PEAP authentication. I spend most of my time on my college campus (Purdue University), and we have to login to the wireless network using WPA-Enterprise with PEAP, so the Zune HD was not able to use the wireless network.
However, the Android platform can (at least on the Droid, which runs Android 2.0.1) connect using WPA with PEAP. The only problem with them is that there is no easy way to install the CA certificates necessary to connect to the network. To do this, you have to navigate to an x509 certificate with the correct HTTP headers in the browser. It only requires a few lines of PHP code and the CA certificate, but not many people have easy access to a PHP server or the technical knowledge to use it.
Thus, RealmB’s Android Certificate Installer was created. It allows you to upload a CA certificate from your computer, or from a URL, and have the browser receive the correct headers that launch the Android’s internal CA certificate installation process.
The tool is located at http://www.realmb.com/droidCert/.
Any comments, questions, or thanks can be left as comments here.
Note: I am especially interested to see if this works on non-Droid Android phone, so if it works, could you post a comment saying what type of phone you have and/or what version of Android you are running? (Android 1.5, 1.6, 2.0, or 2.1) Thanks a lot!
Update: I found the site where I found this little header trick: Android Security Discussions – Google Groups. Thanks to user “lynx.” The post is two thirds of the way down the page.
Update 2: Some commentators have said that this does not work on Android 1.5, sorry about that. It has been confirmed to work on Android 1.6 and above.
Pingback: Google Navigation for Android 2.0 on Motorola Droid | AboutAndroid.info
#1 by Tiago Barreiro on February 1, 2010 - 9:08 am
Quote
I have an htc tattoo (android 1.6) and it worked like a charm for wpa2 peap. Great tool!
#2 by cristy on February 12, 2010 - 4:28 am
Quote
I cannot set the 802.1x Enterprise security on tattoo. How did you set the certificate on tattoo
#3 by Philk on February 12, 2010 - 9:55 am
Quote
Where do you find the certificate on your computer?
#4 by Charles on February 12, 2010 - 1:59 pm
Quote
Installed the certs successfully from what I could tell, but my Droid still complains about the certificate when I try to browse to OWA over https (SBS2003) and Exchange setup still fails. Any tips on getting the Exchange setup to work with SBS’s self-signed certificate?
#5 by Pablo on February 16, 2010 - 10:45 am
Quote
Great tool!!! It worked great for my Nexus One (Android 2.1 Update 1)
#6 by Guido on February 22, 2010 - 3:12 pm
Quote
It does not seem to work on my Hero with Android 1.5. It says that there is no program installed to open the file… Hopefully the update to 2.1 comes out quickly!
#7 by liud on February 23, 2010 - 2:13 pm
Quote
tried to use it with samsung spica running android 1.5 and it failed. ” Cannot download. The content is nors supported on the phone”
#8 by vrusabh on March 2, 2010 - 6:36 pm
Quote
I installed on nexus one –gets installed but comes under client cert and not in CA cert.
I need it for CA cert???wat to do??
#9 by Ed on March 3, 2010 - 8:02 pm
Quote
Worked great on my Nexus One with latest updates as of 3/3/2010.
Thanks a lot!!!
#10 by Alessandro on April 1, 2010 - 8:28 am
Quote
Someone with htc tattoo can please tell me your ROM version?? thanks a lot!!!
#11 by Bearic on April 11, 2010 - 4:33 pm
Quote
I just wanted to say Thanks a lot, it worked like a charm. HTC Nexus One as of April 11, 2010. Mine installed in CA certs just fine.
Again, Thanks!!
#12 by Attila on April 21, 2010 - 7:49 am
Quote
I have the same problem as someone above. It installs as client cert, not as CA cert. Tried with my own xampp server too, same effect. Any ides?
(Nexus One, 2.1-update1)
#13 by Attila on April 21, 2010 - 4:19 pm
Quote
I think I know where the problem is. I’m trying to install GTE CyberTrust Root CA.
If you issue the
$ openssl x509 -text -in goodca.crt
command, then you get an output like this (among other things):
X509v3 Basic Constraints:
CA:TRUE
which is not present in my GTE Cybertrust cert. I think this is why it’s getting recognised as a client cert. And I don’t know how can I add this extension to it…
Any Ideas?
Pingback: WiFi - Secured "Open" Network, unable to login. - Droid Forum - Verizon Droid & the Motorola Droid Forum