Guy Rutenberg

Apparently it’s pretty easy, but there are some pitfalls. The first step is to export the certificate as a DER encoded X.509 certificate. This can be done using Firefox (on a PC) by clicking on the SSL’s lock sign in the address bar, More Information -> View Certificate -> Details -> Export. The exported certificate needs to be saved on the root directory of the internal storage of the phone, with *.cer extension (or *.crt). Other extensions will not work.

Afterwards, on the phone, click on “Install from device storage” under Settings->Security->Credential Storage. If you did everything as you should at the previous step, it will display the certificate name, and ask you to confirm its installation. If you’ve exported the certificate as the wrong format, gave it the wrong extension or placed it somewhere else than the root of the internal storage, it will display the following error:

No certificate file found in USB storage

If you see it, just make sure you are exporting the certificate correctly and saving it at the right place.

More details: Work with certificates (Geared towards Galaxy Nexus, but should apply to any Android 4.0 and above.

After upgrading to CyanogenMod 9 (ICS 4.0.4) I’ve experience problems connecting to WiFi networks. Most of the time I’ve tried to connect to a WiFi network it would try to connect and then fail. Often it would also show the network I’ve just tried to connect to as “Not in range”. This was extremely irritating, as I could stand by my router and have the phone report that there is no signal, while another Galaxy S2 phone would connect immediately, the only difference was that the other phone was running Android 2.3.7. Needless to say, I haven’t made any major (or minor) changes to my WiFi equipment and the problem wasn’t confined just to my home. Sometimes, it would connect after being idle for a day or so.

Back when I was using CyanogenMod 7, I had no problems with the WiFi on my phone, and I could also replicate this behaviour on another Galaxy S2 I’ve upgraded to CyanogenMod 9. Initially I thought it was some bug in CyanogenMod, but I came up with nothing. Over the weekend, I’ve figured maybe the bug isn’t specific to CyanogenMod, and I’ve found this bug report WiFi freeze on Samsung Galaxy S2 with ICS 4.0.3. For some reason many people have problems with WiFi on Galaxy S2 with ICS. While the report relates to the WiFi freezing, which I didn’t experience, I’ve decided to sift through the comments. Some people mentioned the “Wi-Fi frequency band” feature available in Wi-Fi settings -> Advanced (available by pressing the menu button), so I’ve decided to try playing with the different settings there.

This setting allows you to choose the WiFi operating frequency between three options 5GHz, 2.4GHz and “Auto”, which as you can guess automatically figures out the right frequency, 5GHz (802.11a and 802.11n) and 2.4GHz(802.11b/g/n). However, it seems the phone (probably due to a problem in the driver) fails the “Auto” thing. Instead of guessing the right frequency, it fails to connect. So I’ve changed it to 2.4GHz, which is still more popular choice in routers over 5GHz, and instantly my phone connected to my router.

For conclusion: If you have trouble connecting to WiFi on Samsung Galaxy S2 with ICS, you should probably set the phone to use 2GHz only (or 5GHz only) instead of the default “Auto” mode.

One of the new features touted by ICS is full-disk encryption (actually it was first available in Android 3). The first look is promising. The android developers went with dm-crypt as the underlying transparent disk encryption subsystem, which is the de-facto way to perform full-disk-encryption in Linux nowadays. This ensures both portability of the encrypted file systems and tried-and-tested implementation. The cipher itself is 128-bit AES in a ESSIV mode, and the encryption key is derived from the password using PBKDF2 (actually it’s the key that encrypts the actual encryption key, allowing fast password changes). So where do I think it went wrong?

Enabling the full disk encryption.

Read the rest of this entry »