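Is there a way to install a CA certificate (.crt file) under "Security -> Trusted Credentials -> User tab" via ADB or some other "scriptable" means?

I figured out a way to do this, so I was able to trust the Charles Proxy certificate. It will be added as a trusted SSL root certificate.

First, you need to get the certificate hash.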
```
openssl x509 -inform PEM -subject_hash_old -in charles-proxy-ssl-proxying-certificate.pem | head -1 > hashedCertFile
```
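I use Windows, and store it in a variable to automate the process.

```
REM Read the hash from the temporary file into a variable
set /p certHash=<hashedCertFile
REM Quote the assignment so no trailing space ends up in the file name
set "certHash=%certHash%.0"
del hashedCertFile
REM Build the <hash>.0 file: the PEM certificate followed by its text dump
cat charles-proxy-ssl-proxying-certificate.pem > %certHash%
openssl x509 -inform PEM -text -in charles-proxy-ssl-proxying-certificate.pem -out nul >> %certHash%
REM Remount /system read-write, push the file, then remount read-only
adb shell mount -o rw,remount,rw /system
adb push %certHash% /system/etc/security/cacerts/
adb shell mount -o ro,remount,ro /system
adb reboot
```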
Here is the Unix version, copied from this answer:

```bash
PEM_FILE_NAME=logger-charles-cert.pem
# The file must be named <subject_hash_old>.0
hash=$(openssl x509 -inform PEM -subject_hash_old -in "$PEM_FILE_NAME" | head -1)
OUT_FILE_NAME="$hash.0"
# PEM certificate first, then its text dump appended
cp "$PEM_FILE_NAME" "$OUT_FILE_NAME"
openssl x509 -inform PEM -text -in "$PEM_FILE_NAME" -out /dev/null >> "$OUT_FILE_NAME"
echo "Saved to $OUT_FILE_NAME"
# Remount /system read-write, push the file, then remount read-only
adb shell mount -o rw,remount,rw /system
adb push "$OUT_FILE_NAME" /system/etc/security/cacerts/
adb shell mount -o ro,remount,ro /system
adb reboot
```
adb shell mount -o rw,remount,rw /system
-> mount: '/system' not in /proc/mounts
- Dr.jacky

```bash
PEM_FILE_NAME=logger-charles-cert.pem
# The file must be named <subject_hash_old>.0
hash=$(openssl x509 -inform PEM -subject_hash_old -in "$PEM_FILE_NAME" | head -1)
OUT_FILE_NAME="$hash.0"
# PEM certificate first, then its text dump appended
cp "$PEM_FILE_NAME" "$OUT_FILE_NAME"
openssl x509 -inform PEM -text -in "$PEM_FILE_NAME" -out /dev/null >> "$OUT_FILE_NAME"
echo "Saved to $OUT_FILE_NAME"
# Remount /system read-write, push the file, then remount read-only
adb shell mount -o rw,remount,rw /system
adb push "$OUT_FILE_NAME" /system/etc/security/cacerts/
adb shell mount -o ro,remount,ro /system
adb reboot
```
(Yes, I know this should probably be a comment, but I don't have enough reputation yet to post it as one.)
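ro and rw. - BLuFeNiX

I was able to get the server certificate to show up under the Trusted credentials -> User tab (rather than under the System tab, as the other answers show) with the following steps: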
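```bash
#!/bin/bash
# The file must be named <subject_hash_old>.0
subjectHash=$(openssl x509 -inform PEM -subject_hash_old -in server.crt | head -n 1)
# Convert the certificate to DER under that name
openssl x509 -in server.crt -inform PEM -outform DER -out "$subjectHash.0"
adb root
# Push into the user CA store and make it world-readable
adb push "./$subjectHash.0" "/data/misc/user/0/cacerts-added/$subjectHash.0"
adb shell "su 0 chmod 644 /data/misc/user/0/cacerts-added/$subjectHash.0"
adb reboot
```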
Push the file to the device:

```
adb push "C:\path\cacert.cer" "/data/local"
```

Launch CertInstaller:

```
adb shell am start -n com.android.certinstaller/.CertInstallerMain -a android.intent.action.VIEW -t application/x-x509-ca-cert -d file:///data/local/cacert.cer
```
W CertInstaller: android.content.ActivityNotFoundException: Unable to find explicit activity class {com.android.settings/com.android.settings.security.CredentialStorage}; have you declared this activity in your AndroidManifest.xml?
- virtualdj

2022: httptoolkit provides a nice solution for injecting custom certificates on already-rooted devices/emulators without rebooting.
```bash
set -e # Fail on error
# Create a separate temp directory, to hold the current certificates
# Without this, when we add the mount we can't read the current certs anymore.
mkdir -m 700 /data/local/tmp/htk-ca-copy
# Copy out the existing certificates
cp /system/etc/security/cacerts/* /data/local/tmp/htk-ca-copy/
# Create the in-memory mount on top of the system certs folder
mount -t tmpfs tmpfs /system/etc/security/cacerts
# Copy the existing certs back into the tmpfs mount, so we keep trusting them
mv /data/local/tmp/htk-ca-copy/* /system/etc/security/cacerts/
# Copy our new cert in, so we trust that too
mv ${certificatePath} /system/etc/security/cacerts/
# Update the perms & selinux context labels, so everything is as readable as before
chown root:root /system/etc/security/cacerts/*
chmod 644 /system/etc/security/cacerts/*
chcon u:object_r:system_file:s0 /system/etc/security/cacerts/*
# Delete the temp cert directory & this script itself
rm -r /data/local/tmp/htk-ca-copy
rm ${injectionScriptPath}
echo "System cert successfully injected"
```
This is only a solution for launching the "Do you want to trust this certificate" window on non-rooted Android. It is the answer provided by @hoghart45, but with one more line of code that ensures you have permission to paste the certificate into the /data/local/.. directory:

```bash
certificateName=ca.crt
ca_dir_in_phone="/data/local/tmp/try3"
ca_path_in_phone="$ca_dir_in_phone/$certificateName"
adb shell mkdir -m 700 "$ca_dir_in_phone"
adb push "$certificateName" "$ca_path_in_phone"
adb shell am start -n com.android.certinstaller/.CertInstallerMain -a android.intent.action.VIEW -t application/x-x509-ca-cert -d file://"$ca_path_in_phone"
```
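For completeness, here is a work-in-progress Python project that also uses uiautomator to click the "OK" button automatically in a controlled way. (It verifies that it is the OK button before clicking, rather than just sending blind input such as the send keyevent 20 command.) Disclaimer: I am involved in the project.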
```
adb start-server
emulator -writable-system -avd Pixel_2_API_24
```

Then you can install the certificate:

```
adb root
adb remount
adb push c8750f0d.0 /system/etc/security/cacerts
```
https://docs.mitmproxy.org/stable/howto-install-system-trusted-ca-android
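
The answers above all depend on the CA file being named `<subject_hash_old>.0`. As an added example (not code from any of the answers), the script below stages a certificate under that name on the host and audits a cacerts directory, such as one copied off a device, for entries whose name does not match their own certificate. The function names and the throwaway test CA are constructed for illustration, and the `openssl` CLI is assumed to be installed.

```shell
#!/bin/sh
# Added example, not from the answers above. Assumes the openssl CLI is installed.

# Print "<subject_hash_old>.0" for a certificate file in PEM or DER encoding.
cacert_name() {
    h=$(openssl x509 -inform PEM -subject_hash_old -noout -in "$1" 2>/dev/null) ||
    h=$(openssl x509 -inform DER -subject_hash_old -noout -in "$1" 2>/dev/null) ||
        return 1
    printf '%s.0\n' "$h"
}

# Write PEM certificate $1 into directory $2 under its hash name; print the path.
stage_cacert() {
    name=$(cacert_name "$1") || return 1
    # Re-encode through openssl so that only the certificate itself is written.
    openssl x509 -inform PEM -in "$1" -outform PEM -out "$2/$name" || return 1
    chmod 644 "$2/$name"
    printf '%s\n' "$2/$name"
}

# Succeed only if $1 parses as a certificate and is named after its own hash.
check_cacert() {
    expected=$(cacert_name "$1") || return 2
    [ "$(basename "$1")" = "$expected" ]
}

# Audit a cacerts directory: list unparseable or misnamed entries, fail if any.
audit_cacerts() {
    bad=0
    for f in "$1"/*; do
        [ -e "$f" ] || continue
        check_cacert "$f" || { echo "MISMATCH: $f"; bad=1; }
    done
    return "$bad"
}

# Constructed sample input: a throwaway self-signed CA generated locally.
make_sample_ca() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=Constructed Test CA" \
        -keyout "$1/key.pem" -out "$1/ca.pem" 2>/dev/null
}

# Demo on the constructed CA: stage it, then confirm the directory is consistent.
tmp=$(mktemp -d) && mkdir "$tmp/store" && make_sample_ca "$tmp" &&
    stage_cacert "$tmp/ca.pem" "$tmp/store" && audit_cacerts "$tmp/store" &&
    echo "store is consistent"
rm -rf "$tmp"
```

Running `audit_cacerts` against a directory pulled from a test device before and after a proxy session is a quick way to confirm that only the intended CA was added.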