User Tools

Site Tools


eduroam_android4

eduroam setup for Android 4.x

The following instructions assume that you are the device administrator, in order to be able to install a certificate. If you are not the device administrator, you might get some rather uninformative error messages like “Unfortunately, Certificate Installer has stopped”. The graphical interface might differ a bit from the below screenshots depending on the Android version in use, but the required data should be the same. Two protocols can be used for authentication using HITS eduroam IDs: PEAP/MSCHAPv2 and TTLS/MSCHAPv2. The two protocols are similar, there is no preference for using one or the other.

Step 1. Download the certificate to your computer.

Step 2. In the drop down menu, click on the certificate name.

Step 3. When asked to enter a name for it, enter “hits-eduroam-ca.crt” and click “OK”. In case you don't use a screen lock, you'll now be asked to set one, as it makes no sense to install a cerificate on a device that anyone can easily access; setting up a screen lock is not part of this documentation. In the lower part of the screen, a short message “hits-eduroam-ca.crt has been imported” should briefly appear.

Step 4. Open the WiFi dialog showing the list of available networks, then click on “eduroam”.

Step 5. In the “eduroam” window, check “Show advanced options”.

Step 6. To use PEAP, enter or choose from the menus the following data:

  • Identity: <your username>@h-its.org
  • Password: (your password - the same password that you use to access your e-mail)
  • EAP method: PEAP
  • Phase 2 authentication: MSCHAPv2
  • CA certificate: hits-eduroam-ca.crt
  • User certificate: (should be left empty)
  • Anonymous identity: anonymous@h-its.org
  • Proxy settings: None
  • IP settings: DHCP

After clicking on “Connect” or “Save”, access to the “eduroam” network should be granted.

To use TTLS, enter or choose from the menus the following data:

  • Identity: <your username>@h-its.org
  • Password: (your password - the same password that you use to access your e-mail)
  • EAP method: TTLS
  • Phase 2 authentication: MSCHAPv2
  • CA certificate: hits-eduroam-ca.crt
  • User certificate: (should be left empty)
  • Anonymous identity: anonymous@h-its.org
  • Proxy settings: None
  • IP settings: DHCP

After clicking on “Connect” or “Save”, access to the “eduroam” network should be granted.

eduroam_android4.txt · Last modified: 2014/12/22 14:07 by costesbn