There is a lot of questions on various forums on how to install a CA certificate on Android device. Some suggest using RealmB web site. While I trust that RealmB authors have had the best intent to help others, I think publishing a security certificate you use to connect to your corporate network on the web is as wise as giving keys to your house to absolute strangers and I personally would not use the tool.
Android 2.2 I have installed on my Motorola Atrix has both Certificate Installer and Certificate Manager.
To find them go Settings-> Location & security, scroll down ->Credential storage-> Install from internal phone storage. You will see a dialog offering you to complete the action using either Certificate Installer or Certificate Manager.
But both are rather enigmatic tools without any documentation and it took me some time to find how one actually can use Certificate Installer (this one is a part of Android; I guess Certificate Manager is Motorola’s product). This is the beauty of Open Source Software (at least for developers) – one can read a code and figure out how “the damn thing works” 
First of all by default Certificate Installer looks for certificates to install at folder called download in SD card. It considers as certificates files with extensions either .crt or .p12. The latter stands for certificates in PKCS #12 format and the former stands for certificates in Base64 Encoded X.509 format. You should be aware that there are other certificate formats as well, e.g. PKCS #7, but it seems that Certificate Installer can’t handle them. If you are interested to find more about certificate file formats, read this.
[Added on April 20, 2012. Vlad (another Vlad, not I) commented below: "...the certificate should be copied to an internal folder (not external). For some devices, the installer cannot find a certificate on the external SD card."]
So the first way to use Certificate Installer is obvious:
- Extract SD card from your phone, insert it into your computer
- Create download folder in its root folder and put there the certificate file or files you want to install; of course make sure that they are in acceptable format and have proper file extensions
- Insert SD card in your phone and run Certificate Installer as described above
Well, obvious but not co convenient… First of all extracting and inserting SD card is not so simple on certain devices. Also there are devices without SD card. So what to do if you don’t want or can not use this way? Then you can use the second method:
- Connect your device to your computer via USB cable. Make whatever you usually do so that the device appears as an external drive in the computer filesystem. If you never connected your Android device to your computer as USB drive and you use Windows computer, the most likely you will need to install a proper USB driver on your computer. Such USB drivers for Android devices are manufacturer-specific and can be found on manufacturers web sites (see the list here). For Ubuntu Linux you will need to add some configuration parameters; no USB driver installation is required. See details here.
- Copy your certificate file(s) to the device internal storage. Again, make sure that the files have proper format and proper file extensions
- Open Files application and select (touch) the certificate file. A dialog will appear with details on the certificate and two buttons: Install certificate and Cancel. Click Install certificate. That’s all
How do you install a CA certificate on a HTC Android phone?
Scout,
I don’t have HTC Android, so I can’t test the instructions on it, but I believe they should work for all phones with Android 2.X OS. Certain older phones still in use have Android 1.X versions of Android OS, so it is worth checking what version is installed on your phone.
how can i instsll certificate for my x10mini
after clicking on install credential .it gives the message no certificate on sd card using android 2.2
Thanks a lot for exact location of the certificated to place to – installed certificates (also renaming “cer” in “crt” and “pfx” to “p12″) successfully on SE WT19i
Thank you for this! Worked for a .der file by renaming it to .crt
I found this question posted on numerous forums but no answers. The advice here worked perfectly for my Samsung Charge. I borrowed a friend’s Motorola Bionic for a couple of weeks; it recognized .cer files but apparently the Charge doesn’t. Thanks again.
Whoops. I spoke too quickly. Although the Charge’s Credential Storage utility accepted the certificate file as long as the extension was .crt I found that the Android browser won’t actually access the file. I converted a .cer file to the Base 64 format using the utility in IE then renamed it so that the extension was .crt. Guess that I need to re-read the article and also check out the link in the article that explains the difference between the various certificate formats.
Vlad,
I have an Android 4.0.1, and it´s working fine, but I tried the same thing with Android 2.3.6, iPhone iOS 5.1 and 5.0.1 and a BlackBerry 6.0, all I could import the certificate, but when I access the site, still saying that the Root it´s not trusted. I just have the CN and Root, no Intermediate. Have you any idea, what can be?
Thanks.
Vitor,
If the intermediate certificate is absent, this definitely may cause the problem since the certificate verification requires the whole chain of certificates to be present. Try to import intermediate certificates as well.
I also found out that the certificate should be copied to an internal folder (not external). For some devices, the installer cannot find a certificate on the external SD card.
Vlad,
Thank you. I’m adding this to the post.
Thanks for mentioning the .crt extension. Took me a while before I found this bit of info.
To install *.cer on Android 2.3.6:
To install certificates on Android 2.3.6, Samsung GT-I8150 rename all certs from *.cer to *.crt , copy all certificates in phone‘s SD card.
Go to Settings-> Location and Security-> Install from USB storage and add certificate one by one.
I Have a Micromax A100 Android Mobile,The issue is unable to connect to my corporate mail.After configuration of credentials it says unable to connect to server.Kindly help
If you don’t trust uploading a certificate on a website then you dont trust on ssl and on the private/public key algorithms. The certificate is meant to be published
Not always. In some cases they are not published, especially in case of VPN.
Every single person that owns such a smart phone will need an iphone USB cable. Contrary to popular belief, this is necessary besides the regular dock station that you use. Most stations are only usable for charging the batter of the iphone and you will want to have a device that allows you to connect the phone to a USB plug. A universal dock that also includes a cable connect option is great but there are not many on the market. Most people will end up using USB cables. The problem is that there are too many options to not feel a little overwhelmed. .
Most recently released piece of writing provided by our new blog site
<.http://www.healthmedicinecentral.com/liver-pain-symptoms/
I first installed on 2.3.4 from SD card a GPS software but when i tryed to install it on 2.3.6, I don’t have that option anymore. in location and security I have instead of “Install from SD card” I have now “Install from USB storage” but when i tap that i get the message “No certificate found In USB storage”. I tryed to copy it in the memory of the phone and try again but it’s the same.
can u tell me any sites from where to get the certificates from? especially ca certificate and others which are a must for installing vpn clients for android?
It seems you are looking for certificate to connect to VPN. This one must be provided by a team that maintains VPN. This is because it is like a key to VPN, so you need to get the specific certificate which your VPN would accept.
If this is the same VPN you are using with your laptop/PC, you can find it there as well. Google on how to do that.
Does anyone know how to install others certificates on Android.
If you receive a signed email through Exchange, how do you install that contact’s certificate?
Thanks.
Ali