Connect to enterprise WiFi network (802.1x) without a cert on Android 11 or above (root needed)

README.md

I tested this on my Mi 6 (Sagit) with Lineage OS ROM installed.

1. adb shell into your android device and su to get root shell.

2. Go to /data/misc/apexdata/com.android.wifi. You'll see two files: WifiConfigStore.xml and WifiConfigStoreSoftAp.xml. The later one is for wifi hotspot and we'll only Edit the WifiConfigStore.xml.

3. Insert contents below in entry.xml into <NetworkList> entry. Replace MY_WIFI_SSID, MY_IDENTITY, MY_PASSWORD to the real one.

4. You can also change other options (Such as RandomizedMacAddress)

entry.xml

<Network>
<WifiConfiguration>
<string name="ConfigKey">&quot;MY_WIFI_SSID&quot;WPA_EAP</string>
<string name="SSID">&quot;MY_WIFI_SSID&quot;</string>
<null name="PreSharedKey" />
<null name="WEPKeys" />
<int name="WEPTxKeyIndex" value="0" />
<boolean name="HiddenSSID" value="false" />
<boolean name="RequirePMF" value="false" />
<byte-array name="AllowedKeyMgmt" num="1">0c</byte-array>
<byte-array name="AllowedProtocols" num="1">03</byte-array>
<byte-array name="AllowedAuthAlgos" num="1">01</byte-array>
<byte-array name="AllowedGroupCiphers" num="1">0f</byte-array>
<byte-array name="AllowedPairwiseCiphers" num="1">06</byte-array>
<byte-array name="AllowedGroupMgmtCiphers" num="0"></byte-array>
<byte-array name="AllowedSuiteBCiphers" num="0"></byte-array>
<boolean name="Shared" value="true" />
<boolean name="AutoJoinEnabled" value="true" />
<boolean name="Trusted" value="true" />
<null name="BSSID" />
<int name="Status" value="2" />
<null name="FQDN" />
<null name="ProviderFriendlyName" />
<null name="LinkedNetworksList" />
<null name="DefaultGwMacAddress" />
<boolean name="ValidatedInternetAccess" value="true" />
<boolean name="NoInternetAccessExpected" value="false" />
<boolean name="MeteredHint" value="false" />
<int name="MeteredOverride" value="0" />
<boolean name="UseExternalScores" value="false" />
<int name="CreatorUid" value="1000" />
<string name="CreatorName">android.uid.system:1000</string>
<int name="LastUpdateUid" value="1000" />
<string name="LastUpdateName">android.uid.system:1000</string>
<int name="LastConnectUid" value="1000" />
<boolean name="IsLegacyPasspointConfig" value="false" />
<long-array name="RoamingConsortiumOIs" num="0" />
<string name="RandomizedMacAddress">23:34:43:97:23:a0</string>
<int name="MacRandomizationSetting" value="1" />
<int name="CarrierId" value="-1" />
<boolean name="IsMostRecentlyConnected" value="true" />
</WifiConfiguration>
<NetworkStatus>
<string name="SelectionStatus">NETWORK_SELECTION_ENABLED</string>
<string name="DisableReason">NETWORK_SELECTION_ENABLE</string>
<string name="ConnectChoice"></string>
<boolean name="HasEverConnected" value="true" />
</NetworkStatus>
<IpConfiguration>
<string name="IpAssignment">DHCP</string>
<string name="ProxySettings">NONE</string>
</IpConfiguration>
<WifiEnterpriseConfiguration>
<string name="Identity">MY_IDENTITY</string>
<string name="AnonIdentity"></string>
<string name="Password">MY_PASSWORD</string>
<string name="ClientCert"></string>
<string name="CaCert"></string>
<string name="SubjectMatch"></string>
<string name="Engine">0</string>
<string name="EngineId"></string>
<string name="PrivateKeyId"></string>
<string name="AltSubjectMatch"></string>
<string name="DomSuffixMatch"></string>
<string name="CaPath"></string>
<int name="EapMethod" value="0" />
<int name="Phase2Method" value="3" />
<string name="PLMN"></string>
<string name="Realm"></string>
<int name="Ocsp" value="0" />
<string name="WapiCertSuite"></string>
</WifiEnterpriseConfiguration>
</Network>