Setting up Eduroam on a PC securely including certificate checking during authentication to prevent password theft is quite a bit of a challenge but not impossible. On Android, things are even more difficult and it’s a bit strange that many universities are showing how to configure Eduroam manually on their help pages rather than linking to the Eduroam Configuration Assistant Tool (eduroamCAT) web page that makes things a lot easier.
The app is available in the Google Play store but also for direct download from the Eduroam web page for those (like me) who prefer not to use a store. As each university uses their own Eduroam setup, authentication servers, authentication method and certificates, the tool requires specific configuration files which the web page also seems to have for participating institutions.
Theoretically, configuration information can be selected directly in the app once installed but this failed on my devices for both universities I tried the app with. When I accessed the configuration information via the browser which opens the app automatically as well, things worked like a charm and the only thing left to do was entering the username and password in the eduroamCAT app. The app will then install a new Wi-Fi profile and, as can be seen in the screenshot on the left, configures an anonymous ID for the first authentication phase, ensures that the server certificates for authentication are installed correctly and that only those are accepted by the operating system during the Wi-Fi authentication process.
It’s a bit strange that the auto-download of the configuration information didn’t work for both institutions I tried the installer with on any of my devices. With this fixed, however, configuring Eduroam on Android is straight forward.