User Tools

Site Tools


docu:csheet:ofsec:info:mitmproxy_android_install

Install MitmProxy (or other) CA Certificate on Android System Trusted ca-certs (NEEDS ROOT!)


In order to make Android devices trust our MitmProxy CA Certificate (or another CA of your wish), we need to install it on the device as a System Trusted Certificate, as User Certificates gets ignored by all applications unless directly used by some App.


We need the .pem file of our wish, and run this openssl command to get the ID used by Android systems under /system/etc/security/ca-certs/

# .pem, .cer, .crt... extension does not matter as long as the format is x509
openssl x509 -inform PEM -subject_hash_old -in YOUR-CA-CERT-HERE.pem | head -1


It should give a result like: a8954f3d


Rename your cert to a8954f3d.0 and push it on device under /system/etc/security/ca-certs/ with chown root:root and chmod 0644. Keep in mind Android System normally is read-only, so you may need something like:

mount -o rw,remount,rw /system


Reboot your system, and you're good to go!! =)


Source: https://docs.mitmproxy.org/stable/howto-install-system-trusted-ca-android/

docu/csheet/ofsec/info/mitmproxy_android_install.txt · Last modified: 2020/09/13 09:29 by admin