diff --git a/res/layout/wifi_dialog.xml b/res/layout/wifi_dialog.xml
index bce8fb08f78..de24c626489 100644
--- a/res/layout/wifi_dialog.xml
+++ b/res/layout/wifi_dialog.xml
@@ -107,7 +107,7 @@
                             android:prompt="@string/wifi_eap_method"
                             android:entries="@array/wifi_eap_method" />
                 </LinearLayout>
-                
+
                 <LinearLayout android:id="@+id/l_phase2"
                         android:layout_width="match_parent"
                         android:layout_height="wrap_content"
@@ -301,7 +301,7 @@
                     android:layout_height="wrap_content"
                     style="@style/wifi_section"
                     android:visibility="gone">
-                <LinearLayout 
+                <LinearLayout
                         android:layout_width="match_parent"
                         android:layout_height="wrap_content"
                         style="@style/wifi_item">
diff --git a/res/values/strings.xml b/res/values/strings.xml
index f36999796ba..c2cd019aa0f 100644
--- a/res/values/strings.xml
+++ b/res/values/strings.xml
@@ -1639,6 +1639,10 @@
     <string name="wifi_unspecified">Please select</string>
     <!-- Hint for multiple certificates being added to the configuration -->
     <string name="wifi_multiple_cert_added">(Multiple certificates added)</string>
+    <!-- Menu option for not providing an EAP user certificate -->
+    <string name="wifi_do_not_provide_eap_user_cert">Do not provide</string>
+    <!-- Menu option for not validating the EAP server -->
+    <string name="wifi_do_not_validate_eap_server">Do not validate</string>
     <!-- Substring of status line when Wi-Fi Protected Setup (WPS) is available and
          string is listed first [CHAR LIMIT=20]-->
     <string name="wifi_wps_available_first_item">WPS available</string>
diff --git a/src/com/android/settings/wifi/WifiConfigController.java b/src/com/android/settings/wifi/WifiConfigController.java
index 45567dd0811..7de11be5785 100644
--- a/src/com/android/settings/wifi/WifiConfigController.java
+++ b/src/com/android/settings/wifi/WifiConfigController.java
@@ -116,9 +116,13 @@ public class WifiConfigController implements TextWatcher,
     private TextView mPasswordView;
 
     private String mUnspecifiedCertString;
-    private static final int UNSPECIFIED_CERT_INDEX = 0;
     private String mMultipleCertSetString;
-    private static final int MULTIPLE_CERT_SET_INDEX = 1;
+    private static final int UNSPECIFIED_CERT_INDEX = 0;
+    private static final int NO_CERT_INDEX = 1;
+    private static final int MULTIPLE_CERT_SET_INDEX = 2;
+
+    private String mDoNotProvideEapUserCertString;
+    private String mDoNotValidateEapServerString;
 
     private Spinner mSecuritySpinner;
     private Spinner mEapMethodSpinner;
@@ -183,6 +187,11 @@ public class WifiConfigController implements TextWatcher,
 
         mUnspecifiedCertString = mContext.getString(R.string.wifi_unspecified);
         mMultipleCertSetString = mContext.getString(R.string.wifi_multiple_cert_added);
+        mDoNotProvideEapUserCertString =
+            mContext.getString(R.string.wifi_do_not_provide_eap_user_cert);
+        mDoNotValidateEapServerString =
+            mContext.getString(R.string.wifi_do_not_validate_eap_server);
+
         mIpSettingsSpinner = (Spinner) mView.findViewById(R.id.ip_settings);
         mIpSettingsSpinner.setOnItemSelectedListener(this);
         mProxySettingsSpinner = (Spinner) mView.findViewById(R.id.proxy_settings);
@@ -488,7 +497,10 @@ public class WifiConfigController implements TextWatcher,
                         break;
                 }
                 String caCert = (String) mEapCaCertSpinner.getSelectedItem();
-                if (caCert.equals(mUnspecifiedCertString)) {
+                if (caCert.equals(mUnspecifiedCertString)
+                        || caCert.equals(mDoNotValidateEapServerString)) {
+                    // Note: |caCert| should not be able to take the value |unspecifiedCert|,
+                    // since we prevent such configurations from being saved.
                     config.enterpriseConfig.setCaCertificateAliases(null);
                 } else if (caCert.equals(mMultipleCertSetString)) {
                     if (mAccessPoint != null) {
@@ -496,14 +508,20 @@ public class WifiConfigController implements TextWatcher,
                             Log.e(TAG, "Multiple certs can only be set when editing saved network");
                         }
                         config.enterpriseConfig.setCaCertificateAliases(
-                                mAccessPoint.getConfig().enterpriseConfig.getCaCertificateAliases());
+                                mAccessPoint.getConfig().enterpriseConfig
+                                        .getCaCertificateAliases());
                     }
                 } else {
                     config.enterpriseConfig.setCaCertificateAliases(new String[] {caCert});
                 }
 
                 String clientCert = (String) mEapUserCertSpinner.getSelectedItem();
-                if (clientCert.equals(mUnspecifiedCertString)) clientCert = "";
+                if (clientCert.equals(mUnspecifiedCertString)
+                        || clientCert.equals(mDoNotProvideEapUserCertString)) {
+                    // Note: |clientCert| should not be able to take the value |unspecifiedCert|,
+                    // since we prevent such configurations from being saved.
+                    clientCert = "";
+                }
                 config.enterpriseConfig.setClientCertificateAlias(clientCert);
                 if (eapMethod == Eap.SIM || eapMethod == Eap.AKA || eapMethod == Eap.AKA_PRIME) {
                     config.enterpriseConfig.setIdentity("");
@@ -713,8 +731,10 @@ public class WifiConfigController implements TextWatcher,
             mEapIdentityView = (TextView) mView.findViewById(R.id.identity);
             mEapAnonymousView = (TextView) mView.findViewById(R.id.anonymous);
 
-            loadCertificates(mEapCaCertSpinner, Credentials.CA_CERTIFICATE, false);
-            loadCertificates(mEapUserCertSpinner, Credentials.USER_PRIVATE_KEY, false);
+            loadCertificates(mEapCaCertSpinner, Credentials.CA_CERTIFICATE, false,
+                    mDoNotValidateEapServerString);
+            loadCertificates(mEapUserCertSpinner, Credentials.USER_PRIVATE_KEY, false,
+                    mDoNotProvideEapUserCertString);
 
             // Modifying an existing network
             if (mAccessPoint != null && mAccessPoint.isSaved()) {
@@ -752,7 +772,7 @@ public class WifiConfigController implements TextWatcher,
                 } else {
                     // Reload the cert spinner with an extra "multiple certificates added" item
                     loadCertificates(mEapCaCertSpinner,
-                            Credentials.CA_CERTIFICATE, true);
+                            Credentials.CA_CERTIFICATE, true, mDoNotValidateEapServerString);
                     mEapCaCertSpinner.setSelection(MULTIPLE_CERT_SET_INDEX);
                 }
                 setSelection(mEapUserCertSpinner, enterpriseConfig.getClientCertificateAlias());
@@ -986,13 +1006,15 @@ public class WifiConfigController implements TextWatcher,
         }
     }
 
-    private void loadCertificates(Spinner spinner, String prefix, boolean showMultipleCerts) {
+    private void loadCertificates(
+            Spinner spinner, String prefix, boolean showMultipleCerts, String noCertificateString) {
         final Context context = mConfigUi.getContext();
 
         ArrayList<String> certs = new ArrayList<String>();
-        certs.add(mUnspecifiedCertString);
+        certs.add(UNSPECIFIED_CERT_INDEX, mUnspecifiedCertString);
+        certs.add(NO_CERT_INDEX, noCertificateString);
         if (showMultipleCerts) {
-            certs.add(mMultipleCertSetString);
+            certs.add(MULTIPLE_CERT_SET_INDEX, mMultipleCertSetString);
         }
         certs.addAll(
                 Arrays.asList(KeyStore.getInstance().list(prefix, android.os.Process.WIFI_UID)));