There is a big security issue on WPA2 Enterprise (802.1x) configuration in Android. The GUI offers no way to set the sebject_match option for the certificate so it is possible to install an fake Radius server and fish user credentials even there is set a cetificate in the Wifi configuration.
As far as i know it is possible to set the subject match option manual in the wpa_supplicant.conf but this is only possible on rooted devices and not on all rooted devices. I have found out that there is the option in the wifienterpriseconfig.java. The answer of google for that beheavior is "this works as intended".
My question is now, is there a way to write a app to configure wificonnections without root privileges which includes the subject_match option and has anyone experience with that?