EAP-TLS not working


Mar 23, 2019
Hi everyone!

Since the original MIX came out I had been lusting over it but Android just wasn't there yet, then came the second even more gorgeous in white but still was the same situation. When the 3rd arrived, Android still has a lot to go but the device is astonishingly beautiful and I didn't care anymore, I tortured myself back and forth undecided for months but finally I added it to the shopping cart and hoped for the best. Just a day later here it was and it's been another torture, I've been modifying every parameter on the phone and on the wireless infrastructure to get it to connect using smart card certificates, or WPA2 EAP-TLS, but it just won't work. I've exported and reimported the certificates in every format, concatenated and not, password-protected and not, in binary, in base64, in Java keystores, using different exporting tools, entering and credential field value at a time and adding one by one while rotating them and checking the connection report in the domain controllers after. each. time. consuming. iteration. and it just won't connect. Using the same exact files I've got Windows 10, macOS 10.6 all the way to 10.14, iOS12, Red Hat 7.6, Fedora 29 and a handful more Android devices I have to test, they all connect. It is just the MIX 3 that's sending credentials to the domain controllers that don't map to any user.

I am no stranger to Android, on my second line I always keep experimenting with some random device that catches my attention so I'm more-or-less up to date if I'm asked for assistance on things that tend to be a little more complicated like certificates, smart card and MDM. All of which I use constantly. That said, I'm far from an expert and couldn't code to save my life but I know I'm doing things right and it is something either wrong with the phone, or something I don't know about the phone that should be done. I hadn't used Android 9 either and I had a hard time locating the certificate manager, it is not where it should be, like I said, since this is my first time in version 9, I don't know if it's MIUI 10's customizations that removed it or that's the way it is in 9. I did find opening from another screen, but it does not seem like it was thought out. There should be direct access to something so critical.

Is this a know issue? Has it happened to any of you? If so could you share what did you do to fix it? I really don't want to return the phone, even with so much I not crazy about privacy-wise, it is really gorgeous to my eyes I could just stare at it forever.