CaCert and Android

From AAISP Support Site

This page is considered legacy as of 2017 as most of AAISP services now use Let's Encrypt certificates rather than CACert.

Google and CACert don't really play nice together making it impossible to add the CACert root cert on an Android phone that's not rooted and not exactly straightforward on one that is.

If you have a rooted Android phone with full root access to the /system Partition in normal use (i.e. Nexus One, HTC Hero) then the instructions on the CAcert Wiki are all you need [1]

But if you have a phone that doesn't have read/write access to /system in normal use (such as the HTC Desire) you can do steps 1-4 without problem meaning you now have the patched cacerts.bks file but you can't upload the file back in Step 5.

Instead the steps I followed to do this on my HTC Desire were to

  1. power off your Desire
  2. Power on your Desire holding the volume down key
  3. select recovery from menu
  4. when the read triangle shows, run the recovery script from the root package:
    1. (recovery-linux.sh, recovery-mac.sh or recovery-windows.bat) depending on your OS (I'm using the r5-desire-root package from http://desire.modaco.com. The actual name of the script to run may vary depending on the root technique).
  5. mount the /system partition (# adb shell mount /system)
  6. copy your certificate to the system (#adb push cacerts.bks /system/etc/security)
  7. reboot your phone.