How to: Restore "Do not validate" option for CA certificate choice in WPA/WPA2/WPA3-Enterprise Wi-Fi Security profile on Android 11

In Android 11, under Enterprise Wi-Fi security, the option to not validate the server certificate has been removed in accordance with the WPA3 specifications from the Wi-Fi Alliance.

In practice, Android 11 disables the ability to select “Do not validate” for the “CA Certificate” drop-down menu in the network settings for a given SSID, as can be seen from the comparison images between Android 10 (image 1) and Android 11 (image 2) below:

Image 1 (Android 10)

Image 2 (Android 11)

Although our recommendation for customers is to adopt the server certificate for Wi-Fi enterprise security reasons, in some cases it may be necessary to restore this setting for an existing Wi-Fi configuration.

For this reason, to restore the “Do not validate” option for the “CA certificate”, the following adb command is available to enable a specific system property:

adb shell setprop persist.dlwifi.disablescv true

For Android’s adb tool support, please refer to the official Android Debug Bridge (adb) documentation.

Once the property is set, the “Do not validate” option is restored for the “CA Certificate” drop-down menu and is available again for selection also in Android 11:

Note that the system property is used to restore the “Do not validate” option at the user interface level for a manual radio configuration.
But the configuration of this type of Enterprise Wi-Fi security remains supported by Scan2Deploy Studio or AEQR Code deployment tools even without configuring the system property.

The solution is available for the following Datalogic devices:

  • Skorpio X5 A11 fw v3.26.001 and newer
  • Memor 20 A11 fw v3.26.001 and newer
  • Joya Touch 22 fw A11 v1.13.002 and newer