Use Eduroam on Android 11 without the geteduroam App.
The geteduroam App is by many institutions the recommended way of connecting to eduroam. But, as can be seen from the playstore reviews, it is not the greatest app there is.
Before Android 11, it was very easy to add it yourself, but since Android 11, you can no longer use a custom certificate without naming a "Domain". You can still use eduroam without checking the certificate, but this will expose your credentials to fake eduroam APs and really should not be done.
The Domain setting is just the Domain of your institution (without any subdomains), so if your E-Mail is
email@example.com the domain you want to enter is
The T-Telesec GlobalRoot Class 2 Certificate is also preinstalled (at least on my Galaxy S10e Tab S6lite with Android 12), so no need to manually download it. (If you need it, you can get it here directly from T-Systems)
The full Settings are then as follows:
If the connection is not succesfull immediately, don't worry. Just restart your Wifi, then it should work.
You can get a Certificates CN with openssl:
openssl x509 -noout -subject -in t-telesec-globalroot-2.pem
There is no guarantee that this works, this is just, what finally solved it for me and enabled me to get rid of this awful app.