June 01, 2010

Adding .cer certificates on your Android Phone

Wow, what a title! Well actually that's not possible. The only reason I used this title is - in this tutorial we will be using .cer certificate and will be converting it to .pfx certificate which will then be used on our phone.
(Experience free call to US and Canada visit How to use Gmail Call features outside US)

I have gone through a lot of pages saying that certificates problem with Android OS, how to use WPA2 Enterprise secured network on Android, how to add .cer files to android and many more. I have found solutions to some problems somewhere on the internet, but didn't found all the related information at a single place. So I thought of writing this blog entry dedicated to adding certificates for WPA2 Enterprise secured network.
Please note that I have a HTC Hero (GSM) which is having Android OS 1.5 (Yes I resisted myself from rooting it with 2.1, but the official update is coming soon). I will update this entry when I’ll get my hands on Android 2.1
UPDATE: For installing certificates on Android 2.1 visit Installing .cer certificate on your updated HTC Hero

I. Download the certificates

First step is to download the certificates on your PC/Laptop. You can do this by going to the certificate authority site and requesting a new certificate. (If enterprises are having WPA2 enterprise security, they must be using one). Proceed to the next steps after you get the .cer certificate from your certificate authority.

II. Converting certificates extension

Since Android is Linux based operating system it does not understand the .cer extension.
The CER file type is primarily associated with 'Internet Security Certificate File'. In cryptography, a public key certificate (or identity certificate) is a certificate which uses a digital signature to bind together a public key with an identity.
In android .pfx certificates are needed in order to connect to WAP2 Enterprise secure network.
PFX that is Personal Information Exchange File In cryptography, a public key certificate (or identity certificate) is a certificate which uses a digital signature to bind together a public key with an identity. The certificate can be used to verify that a public key belongs to an individual. This is a PKCS #12 file.
So in order to make our certificates work on android we need to convert them to .pfx format.
Follow these steps to convert .cer certificate (you just downloaded and installed) to .pfx
1. On your machine, click Start button and click RunRun
2. In Run dialogue box enter the text “certmgr.msc” and click on OK to open certificate management console.certmgr.msc
3. In the Certificate management console, on the left side you can see list of various folders. Expand the Personal folder and click on the Certificates folder. This will show list of your personal certificates on the right hand side of the console window.Certificate Management Console
4. Now right click on the certificate which you want to export, a menu will pop up. In this menu move your mouse pointer to All Task options, a new sub menu will open up. In this sub menu click on Export… option.Export certificate
5. Certificate Export wizard window will open up. Read the details and click Next to continue.Certificate Export Wizard
6. On the next screen of the wizard, select Yes, export the private key option and click Next to proceed.Export private Key
7. On the next screen select the export option in which you want to export the certificate. In this step select the option Personal Information Exchange and then checkmark Include all certificates in the certification path if possible. Click Next.
Export in .pfx
8. Since we are about to export the private keys as well, system asks for a password. In this window enter the same password which you use to connect to the enterprise network. And click Next.Enterprise password
9. “Save As” dialogue box will open up. Select the location to which you want to export the certificate and hit Save.
Save certificate
10. A file Export window will show the export path, click Next to continue.Save
11. A final summary window will show the certificate export details. Click Finish to export certificate and end this wizard.
Export Summary
12. If the export is successful you will get a dialogue box saying that the export was successful. Just hit OK to close this dialogue box.
Finish
13. Finally you get the certificate exported as .pfx which is now ready to be moved on your Android.
I got the pfx
14. Follow next steps to add this certificate to your Android.

III. Adding these on your Android Device


(Experience free call to US and Canada visit How to use Gmail Call features outside US)
UPDATE: For installing certificates on Android 2.1 visit Installing .cer certificate on your updated HTC Hero
In order to get connected to the network we first need to install this certificate to our Android device. Follow the below mentioned procedure to install the certificates.
1. Copy the certificate we just exported (which is in .pfx format) and put it onto root of your SD card of your device.
2. Now, on you device open settings then go to Wireless controls -> Wi-Fi Settings. Press Menu button and click on Advanced. A new menu will open. In this click Security Certificates.
If no certificates are yet installed on your device you will see an empty screen!
3. Now click on Menu button and click on Add certificate option. Now you will be able to see the certificate you copied onto you card. Touch and hold the certificate you want to install. A dialogue box will appear with the option to add certificate. Click Add certificate.
4. Doing so will add the certificate to your device.
5. Wow, now you can see your certificate at "security certificates".
6. Now when you connect to your enterprise network, Android does not asks which certificate to use but uses one from the added certificates on your device. In order to connect to your enterprise network, just use your credentials and you’ll now be able to connect successfully.
This method really worked fine for me. If you have any problems, just leave your comments and I’ll try to address those as well.
(Experience free call to US and Canada visit How to use Gmail Call features outside US)
(Keywords: HTC Hero, Androis 1.5, htc android, htc google android, hero android, android marketplace on htc hero, htc hero android market, htc hero wifi, htv hero wpa2, wpa2 enterprise on htc hero, bluetooth htc hero, android bluetooth, Hero, Bluetooth, features, PAEP, Headset, Android, tooth, Market, Support, GPRS, connection, Browser, Same, cell, forums, adding certificates to android, android certificates, adding .cer to android, .pfx android, .cer android, .cer to .pfx, cer to pfx, cer certificates on android, enterprise security certificates on android)

Newer Post Older Post Home