Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Install User Certificate Via ADB

Is there a way to install CA certificate (.crt file) under the Security -> Trusted Credential -> User tab via ADB? or any other "scriptable" way.

like image 829
Nir Duan Avatar asked Jul 06 '17 07:07

Nir Duan


People also ask

How do I install a root certificate?

Click the Windows Start button. In the search box, begin typing mmc.exe, right-click the mmc.exe entry in the search results and select Run as Administrator. Select File > Add/Remove Snap-in. Select Certificates and click Add.

How do I add a certificate in Chrome mobile?

Start Android Chrome on the Android device, and then enter the access URL in the URL field. On the dialog to select a certificate, select the client certificate that you have added, and then tap Select. If multiple client certificates have been added to the Android device, multiple candidates will be displayed.


2 Answers

I figured out a way to do this, thus i was able to trust charles proxy certificate. it will be added as trusted SSL root certificate.

First you need to get the certificate hash

openssl x509 -inform PEM -subject_hash_old -in charles-proxy-ssl-proxying-certificate.pem | head -1>toto

i use windows, store it in a var in a matter to automate the process set /p totoVar=<toto

set totoVar=%totoVar%.0 && DEL toto

cat charles-proxy-ssl-proxying-certificate.pem > %totoVar%

openssl x509 -inform PEM -text -in charles-proxy-ssl-proxying-certificate.pem -out nul >> %totoVar%

adb shell mount -o rw,remount,rw /system

adb push %totoVar% /system/etc/security/cacerts/

adb shell mount -o ro,remount,ro /system

adb reboot
like image 164
Incepter Avatar answered Sep 17 '22 13:09

Incepter


Thanks to this answer Install User Certificate Via ADB I was able to adapt a script that works on a bash shell:

PEM_FILE_NAME=logger-charles-cert.pem
hash=$(openssl x509 -inform PEM -subject_hash_old -in $PEM_FILE_NAME | head -1)
OUT_FILE_NAME="$hash.0"

cp $PEM_FILE_NAME $OUT_FILE_NAME
openssl x509 -inform PEM -text -in $PEM_FILE_NAME -out /dev/null >> $OUT_FILE_NAME

echo "Saved to $OUT_FILE_NAME"
adb shell mount -o rw,remount,rw /system
adb push $OUT_FILE_NAME /system/etc/security/cacerts/
adb shell mount -o ro,remount,ro /system
adb reboot

(Yes, I know this should probably be a comment, but I don't have enough reputation to post it as a comment yet)

like image 32
Brian Mirletz Avatar answered Sep 16 '22 13:09

Brian Mirletz