• After 15+ years, we've made a big change: Android Forums is now Early Bird Club. Learn more here.

trying to install a certificate from sd card

  • Thread starter Thread starter Android Question
  • Start date Start date
A

Android Question

Guest
trying to install a certificate from sd card and I do not have one on it certificates from a pkcs#12 file with a .pfx or a .p12 extension this is for (fix it utilities)
 
Installing Symantec/Verisign Cert for CA/Personal Key/email Signing - Workaround on G5 for "password for storing credentials" issue:

Started with "Fingerprint" Lock as my Chosen Security (which I love)
1. Intentionally Failed Fingerprint Scan 5 Times
2. Logged in with Google Credentials to Bypass
3. Went back to Chrome on Symantec "Download/Install Cert" Page (See Below, worked same with Choosing PFX from File Browser, Google Drive, too).
4. "Install Certificate" Button on Symantec Page
5. Android Prompt Box for "Enter Certificate Password" (entered the password)
6. Android Prompt Pop-up to "Set Password or Pin Lock"
7. Set Password Lock (or PIN)
8. Android Pop-up "Certificate Installed"

Then I get a "Warning" in the Notification Bar, which drags down to give a Warning stating ""Network may be Monitored By an Unknown Third Party", which drills into a message stating "A Trusted Certificate on your Device is Allowing a Third Party to Monitor Your Internet Activity ..." ! (Although Possible, rarely implemented, and they will not have access to your Private Key, which is the Whole Point! Besides, they ALREADY have your MAC Address in the header of the TCP/IP Stack! Anyone know why they are warning on this?)

Now the LOUSY Part - Try to Switch Back to "Fingerprint Unlock" Method, but ONLY "PIN" and "Password" are Available! All other options, like my favorite "Fingerprint", are Greyed Out, with the message under each that they are "Turned Off by Administrator, Encryption Policy, or Credential Storage"! (long ugh) I don't have the specifics on how secure the bio-scan is for the Fingerprint Lock, but if it's Average or Better, then Fingerprint Scan is more Secure, or at Least "As Secure" - and Incredibly more convenient! What a drag...

But, I did Not have to Reboot/Restart. After "Clearing" the Certificate, it was Repeatable. Actually, on the Repeat, it only prompted for the Certificate Password, and did not prompt me for the Credential Storage Password again.

NOTE: I did try it again with Security->"Install from Phone Storage"->(Pick the *.pfx file in the File Browser, which included by Google Drive Folders since I have Drive Installed), instead of the "Install" from the Symantec Page, and had the same positive results.

_Really_ not Happy that I can't use Fingerprint Lock _and_ have a Certificate!

Anyone have a Logical Reason for the Restriction? A real PITA...
 
You must log in or register to reply here.
Back
Top Bottom