Add root certificate on Android phone

Add the root certificate to the ndroid mobile phone
In the Android system, the CA certificate file is located at:/system/etc/security/cacerts. BKS.
Note: The cnnic ssl certificate does not exist in the official Android 2.2 system. This is because of the Chinese network environment and is not built in.
If you are using an Android mobile machine of the China line edition, you can access the https://www.enum.cn to check whether there is a built-in CNNIC ca, if there is, you can use the original cacerts. BKS, which is common to all android systems.
Follow these steps to import the CA file to the cacerts. BKS file:
1. Get the cacerts. BKS file to your computer. You can use the android mode or USB to connect to your mobile phone.
> ADB pull/system/etc/security/cacerts. BKS cacerts. BKS
2: Install the Java environment on the PC, and then download this article http://bouncycastle.org/download/ bcprov-jdk16-141.jar, put in the Java installation directory/lib/EXT/directory.
Put the cacerts. BKS obtained in step 1 and the CA certificate you want to add under the same level directory. The CA certificate is in the CRT or CER format.
3. Switch the command to the directory in step 2. Import the certificate to the cacerts. BKS file.
> Keytool-keystore cacerts. BKS-storetype BKS-provider Org. bouncycastle. JCE. provider. bouncyca-storepass changeit-importcert-trustcacerts-alias stores the root certificate for alias-File Import. CRT pay attention to the "Save alias", cacerts in the above command. the BKS file uses numbers as its alias. You can customize numbers or letters without spaces in the middle, provided that it cannot be used with cacert. the original CA alias of BKS is repeated.
There are 56 certificates in the caerts. BKS file of the original Android 2.2 system. You can start with 57. The root certificate to import. CRT --> is the name of the CA certificate to be added. After you press enter, a message is displayed. After confirmation, the message is successfully added.
4. Transfer the modified cacerts. BKS to the mobile phone. Get the write permission of the/system directory> ADB shell Mount-O remount, RW/system upload cacerts. BKS> ADB push cacerts. BKS/system/etc/security/restore/system directory read-only permission> ADB shell Mount-O remount, RO/system restarts the mobile phone to take effect.
If the re File Manager is installed on your phone, some steps can be performed on the mobile phone. We recommend that you use the re File Manager to retrieve and put the file back.