wv6fpq
Last Updated: August 21, 2017
·
76.54K
· sdepablos
Profile 50x50

Add self signed SSL certificate to Android (for browsing)

Some people are developers. Some of them have secure sites. What's more incredible, some want to test their websites on mobile phones with a environment as similar as possible to the production one, so they want to use a self-signed SSL certificate. Then, why it's so difficult to do it?

After much trial and error, here's a bulletproof guide to do in on Linux:

  • Open Firefox (I suppose it's also possible with Chrome, but it's easier for me with FF)
  • Visit your development site with a self-signed SSL certificate.
  • Click on the certificate (next to the site name)
  • Click on "More information"
  • Click on "View certificate"
  • Click on "Details"
  • Click on "Export..."
  • Choose "X.509 Certificate whith chain (PEM)", select the folder and name to save it and click "Save"
  • Go to command line, to the directory where you downloaded the pem file and execute "openssl x509 -inform PEM -outform DM -in <certificatename>.pem -out <certificatename>.crt"
  • Copy the .crt file to the root of the /sdcard folder inside your Android device
  • Inside your Android device, Settings > Security > Install from storage. It should detect the certificate and let you add it to the device
  • Browse to your development site. The first time it should ask you to confirm the security exception. That's all. The certificate should work with any browser installed on your Android (Browser, Chrome, Opera, Dolphin...)

Remember that if you're serving your static files from a different domain (we all are page speed bitches) you also need to add the certificate for that domain.

Say Thanks
Respond

8 Responses
Add your response

9516
4e6f6166a2ac435de37df5ed86526d83

This was extremely helpful to me. In Chromium, you can export the key by clicking on the lock, then Certificate Information. Under Details, click Export. Export the key as "Base64-encoded ASCII, certificate chain". All of the following steps are the same.

Thanks so much for this!

over 1 year ago ·
9527
Profile 50x50

Which version of Android do you have? Since I upgraded to Andriod 4.3 this is not working for me anymore.

over 1 year ago ·
12054

I have two for the same domain just different ports. Didn't seem to be able to distinguish the difference.

over 1 year ago ·
16730
2c05370d55f60ed73802498c21f063bb

Worked nicely for me, thanks! It even let me import from Google Drive (Android 4.4.3, HTC One M8).

I exported the x.509 cert from Chrome, the only issue is that Chrome/Windows gave me the file extension .cer. My phone ignored the file until I renamed to .crt.

over 1 year ago ·
18018
9ff312caf4b3d45c1d3fae59ce8b118f normal

I got this error when running the command.

openssl x509 -inform PEM -outform DM -in .pem -out .crt
Error opening Certificate .pem
140332300740256:error:02001002:system library:fopen:No such file or directory:bssfile.c:398:fopen('.pem','r')
140332300740256:error:20074002:BIO routines:FILE
CTRL:system lib:bss_file.c:400:
unable to load certificate

I noticed FF saved the file without any extention. I added .pem to the file, but the issue persists. Any ideas?
Cheers!

over 1 year ago ·
18046
Profile 50x50

-in filename.pem -out filename.crt (you have to pass a filename in both options)

over 1 year ago ·
22173
0 x6xd1ph1wk9 9ucuvgoftbc 2cxykxx8p6yd9b212fb0k7vunbyezt3 mcrykyvtvrtfoxat53ix1uytpv3zrb yh3io1uys9v3orqnpihotjs5asxbkk zc8naasudyx95lbnz4k27

Any idea how to install certificate from root storage using android code

over 1 year ago ·
22664
Default profile 5 normal

You can save a certificate in Android using this app.

https://play.google.com/store/apps/details?id=com.cert.httpscertificate

over 1 year ago ·