Advice connecting to wpa2-enterprise - Galaxy S II General

I attend Virginia tech and their wireless is secured with a certificate system.
On my computer I have it setup as wpa2-Enterprise AES with the authentication method as Microsoft: Smart card or other certificate. I had to install the cert. and select the CA cert.
How can I set this up on my phone? I have loaded the user cert and the CA cert (from windows) and tested the settings out but I am still unable to get it to work.
Any help would be appreciated.
TIA

brianmay27 said:
I attend Virginia tech and their wireless is secured with a certificate system.
On my computer I have it setup as wpa2-Enterprise AES with the authentication method as Microsoft: Smart card or other certificate. I had to install the cert. and select the CA cert.
How can I set this up on my phone? I have loaded the user cert and the CA cert (from windows) and tested the settings out but I am still unable to get it to work.
Any help would be appreciated.
TIA
Click to expand...
Click to collapse
Put the cert on the phone's internal sdcard & go to Settings > Location & Security & Install from USB Storage (internal sdcard). Then connect to the wifi & options will come up. Configure with your schools settings.

I have the certs installed as mentioned in the OP. I just don't know what settings to use. PEAP, TLS, which phase 2 to use etc..

brianmay27 said:
I have the certs installed as mentioned in the OP. I just don't know what settings to use. PEAP, TLS, which phase 2 to use etc..
Click to expand...
Click to collapse
Shouldn't your school provide you with that info? Try TLS, that's what my company uses. If that doesn't work then try another.

Woops, They totally do. Can't believe I could not find that before..
Thanks

Related

SSL Cert Problem with direct push

Hello Everyone
I have configured my server & device (SPV M3100 WM2005) to allow direct push but when I sync I get a error which states my security certificate is invalid?
I created the certificate via StartCom Free SSL CA which have sucessfully installed on my server. (OWA & OMA all working correcly using SSL)
However when I try direct push I am unable to sync receiving the above security error.
I have tried exporting the cert to my device..no luck
I have tried using the smartphoneaddcert..no luck
Is this a problem with my orange operator not allowing SSL cert to be installed?? Is there away around this? Eg registry hack etc? If yes, how?
thanks in advance
Jonathan
Check the date and time on your device... it must be correct for the cert to be valid...
Also search for adding root cert via xml in google.
You could just disable security entirely...
You have to make sure the CA issuing the SSL cert. to use is in the trusted root CA list. If that's unsure, you can add the root CA cert again. The free SSL cert company should have the cert being able to download. However, if it's internal CA via Windows, that pretty easy: just use PIE to browse to the CA cert page and click "download root cert". Good luck man.
And if you can't get the certificate to download, you can always put the root certificate on your PDA (by AS) and execute it, then it'll also be registered propperly. After that, it should defenitly work.
i too use StartCom Free SSL. works great!
TseLawrence said:
You have to make sure the CA issuing the SSL cert. to use is in the trusted root CA list. If that's unsure, you can add the root CA cert again. The free SSL cert company should have the cert being able to download. However, if it's internal CA via Windows, that pretty easy: just use PIE to browse to the CA cert page and click "download root cert". Good luck man.
Click to expand...
Click to collapse
I downloaded the cert from the CA page however my device does not recognise the file. It saves as aphp file?
Heimiko said:
And if you can't get the certificate to download, you can always put the root certificate on your PDA (by AS) and execute it, then it'll also be registered propperly. After that, it should defenitly work.
i too use StartCom Free SSL. works great!
Click to expand...
Click to collapse
I emailed the cert which was installed on my server, then sync'd it to my device without luck? Do i need to sync while actually attached to my server. I am currently doing all this remotely as I do not have physical access to the server as of yet?
JOY JOY Worked it out!!
I exported my Cert as a "PKCS #7 Certificate"
When I opened the cert I had all three certs in the chain.
I then sync'd all three cert onto my device and installed in order.
My device is now syn'cd via direct push!
Yippeeee

Wifi Problems

Hey guys,
I have a problem with the wifi connection on my phone. For some reason, it cannot connect to the school network.
https://sara.morehead-st.edu/ <--- this is the link for some requirements and where I have to download the root certificate they provide.
I try to connect, and I get a dialog asking for my username and password and I put it in but then I get "Unable to connect, connection requires a certificate to connect."
Here are what it says I must have:
Requirements
* Wireless LAN adapter with current drivers capable of:
o either 802.11a, 802.11b and/or 802.11g
o WPA/WPA2 (Wireless Protected Access)
o TKIP (Temporal Key Intergrity Protocol)
o PEAP (Protected Extensible Authentication Protocol)
MSChapV2 (Microsoft version 2 of Chap)
-OR-
EAP-TTLS
o IEEE 802.1x protocol
* Operating Systems:
o Windows XP
o Windows Vista
o Apple Mac OS X (10.3 or later)
o Windows Mobile 2003SE or later
o Linux or *BSD with suitable supplicant
* User Information:
o valid MSU Id
o valid Web PIN
o trusted root certificate
(see step-by-step guides)
Click to expand...
Click to collapse
Edit: Also, do you guys know how I can get the program to trim music files? I used to be able to do it in either Windows Media Player or Audio Manager, but I can't find the feature anymore.
Ask your IT guy to export the root certificate as a .cer file for you and copy it to your PDA, it should install if you just click on it. Then go to system>certificates and the personal tab, the new certificate should be in there.
If you tap on the name it should give details of the cert. Click ok and go to root tab and the cert should be in there.
Hey,
The root.cer file actually does fine. It says "Certificate accepted" and what-not and then I can also click on connect and get the dialog asking for my username and password. For some reason after that it just won't work. Like it just says connecting and then eventually tries another connection.
The phone does support this system and has all the right things right?
Is there any programs that help with connections or increases options of your connection?
Please guys
I am unable to browse anything when in class

Personal certificate

I need to install a certificate for wifi on my university. As you all know PEAP needs a personal certificate. But when i install the certificate it's placed in the base folder and not in the personal folder.
Yes i added the ValidateServerCert to the registery.
Anyone can help?
If I am not mistaken it should be in the base
or it may depend on the certificate
In my case I also need a cer to use my Uni's WiFi and when I install it I find it in the base list
my problem is the certificate seems to be outdated otherwise according to the instruction I had the certificate should be in the base list.
Not sure if this helps, I have a digital certificate which allows me to get onto my work email from home.
I just copied the certificate to my memory card and then opened it through the phones file explorer.
It installed the certificate for me.
I installed the certificate the same way as you. But when i try to connect the router, it says: "you need a personal certificate" and personal certificates are used to identify yourself and base certifactes are not. So i think i need to get that certifacte to te personal folder.
Have you tried via ActiveSync? Saw an option last night, although have no experiences with certs.
Try secureW2 plug-in. (use google to find it)
A common problem is that you need certain root certificates as well- and WM doesn't download/ install them.
There are even networks that you won't be able to connect to using PEAP- like the one my uni uses. Don't ask me for detailed reasons... It's some kind of yet unsolved WM-WiFi-certificate-issue.
i use secureW2 as well at my university... works great

Email Encryption Certificate

Has anyone managed to install a certificate to encrypt email?
I need to use secure email for work, came from WM6.5 where I was able to install a Comodo email certificate
TIA
Docsboard said:
Has anyone managed to install a certificate to encrypt email?
I need to use secure email for work, came from WM6.5 where I was able to install a Comodo email certificate
TIA
Click to expand...
Click to collapse
no takers?
Hi,
I've managed to obtain a Comodo certificate and install it on my Desire.
I tried requeting the certificate on the Desire but it failed to install no matter what I did. So I requested it on my laptop instead, installed it to my laptop then exported it in PKF format. Copied the PKF file to my Desire and then renamed it to have the extension of PK9.
Put the PK9 file in the root of the SD card and ran the import certificate option from the security menu in the phone. This worked, the certificate was installed on my phone and I can see it.
Now here's the problem - Despite the certificate being installed I cannot find any way to use it to sign or encrypt emails on the email client on the Desire.
I guess I'm in the same boat as you
I am still trying to figure this out as well. We use IPSec based VPN to connect to the company network. Once authenticated at the firewall, we use our domain account credentials to authenticate to the microsoft exchange server.
Are you guys able to access internal websites that require certificates?
I am logged into my company wireless router and I am able to connect to non access controlled internal websites (i.e. http://). However, I am have been unable to connect to access controlled internal websites (i.e. https://).

Xoom w/ Phase 2 Authentication = Fail

Anyone else have this issue? I heard about the bug in 2.2 that caused phase 2 authentication to not hold, but it appears it made it to 3.0. When trying to connect to my work network, I select MSCHAPv2, and other appropriate settings; however no connection is made. When I go back into the settings, the phase 2 authentication is set to none.
I have tried creating the connection manually, resetting the connect over and over, still no luck. Any ideas?
Have the same issue!
No workaround or patch yet
Brgds,
S.
I have mine working here in my office without issue.
The key thing you need is the Cert.
On my network, there are 2 ways to get it.
1. Find the .cer file and put it on the ROOT of the "SDCard" (internal storage)
1. Be sure the {filename}.cer file is on the ROOT of your SD Card (not inside any folders)
2. From Home Screen, go into Menu > Settings
3. Depending on your phone, you may see either:
a. Location & Security
b. Security​4. Go into whichever menu option you have
5. Scroll to the bottom and click Install from SD card
6. You will either be prompted to import and create a password (which should be something you will remember) or you will see an error that no certs could be found. This is normal and does not mean it will not work, just continue with the steps below and all should be fine.
7. Next turn on Wi-Fi
8. Go into Wi-Fi Settings
9. Click Add-Wi-Fi Network and enter the following:
a. SSID: {Your-SSID-Here} (Case Sensitive!!!)
b. Security: 802.1x Enterprise or 802.1x EAP (Not all devices will have this option)
c. CA Certificate: None Specified (here, you MUST click on the None Specified and then click again on the None Specified in order for the cert to be picked up on your SD Card. Not all devices will have this option)
d. User Certificate: None Specified (this one can be left alone. Not all devices will have this option)
e. EAP Method: PEAP
f. Phase 2 authentication: MSCHAPV2
g. Identity: Your Domain account name (you do not need to put {DOMAIN}\ in front of your user name)
h. Anonymous identity: Leave this BLANK
i. Wireless Password: Your DOMAIN domain password​
Note: On some devices or ROM’s (for those that are rooted), you will be prompted for the Cert Password when re-connecting to the W-Fi Network; this will be the password you used in step 6.
2. Log into the Guest Wireless account, fire up the browser and log into when asked. This will download the cert.
Once either of those are done, set up your wireless connection and it works.
Now, I know it's different for other networks out there, but give me some info and I'll see if I can help.
Thanks.
Updated above

Categories

Resources