How To Work With Certificates On Nexus 7
You can use digital certificates to identify your device for a variety of purposes, including VPN or Wi-Fi network access as well as authentication to servers by apps such as Email or Browser. To use a certificate to identify your device, you must obtain it with help from your system administrator, and install it in your devices trusted credential storage.
Android supports DER-encoded X.509 certificates, saved in files with a .crt or .cer file extension. If your certificate file has a .der or other extension, you must change it to .crt or .cer or you wont be able to install it. Android also supports X.509 certificates saved in PKCS#12 key store files with a .p12 or .pfx extension. If your key store has some other extension, you much change it to .p12 or .pfx or you wont be able to install it. When you install a certificate from a PKCS#12 key store, Android also installs any accompanying private key or certificate authority certificates.
How to Install client & CA certificates on Nexus 7
To install a certificate from your tablets internal storage:
- Copy the certificate or key store from your computer to the root of your devices internal storage (that is, not in a folder).
- Touch Settings > Personal > Security > Credential storage > Install from storage.
- Touch the filename of the certificate or keystore to install. Only certificates that you havent already installed are displayed.
- If prompted, enter the key store password and touch OK.
- Enter a name for the certificate and touch OK.
- Typically, a CA certificate included with a client certificate is installed at the same time. You can also install separate CA certificates using the same steps. If you have not already set a pattern, PIN, or password for your device, youre prompted to set one up. The type of lock thats acceptable may be predetermined by your system administrator. You can now use the certificate that you installed when connecting to a secure network or for client authentication with Email, Browser, and third-party apps. After a certificate is installed successfully, the copy in storage is deleted.
- Warning: Apps such as Email and Browser that support certificates allow you to install certificates directly from within the app. For details, see the Help or other instructions that come with each app.
How to Work with CA certificates on Nexus 7
If a certificate authority (CA) certificate gets compromised, or for some other reason your organization doesnt want to trust it, you can disable or remove it. To do so, follow these steps:
- Touch Settings > Personal > Security > Credential storage >Trusted credentials. The trusted credentials screen has two tabs:
- System displays certificate authority (CA) certificates that are permanently installed in the ROM of your tablet.
- User displays any CA certificates that you have installed yourself, for example in the process of installing a client certificate.
- To examine the details of CA certificate, touch its name. A scrolling screen displays the details.
- To remove or disable a CA certificate, scroll down to the bottom of the details screen and touch either Disable for system certificates or Remove for user certificates.
- When you disable a system CA certificate, the button at the bottom of its details screen changes to Enable, so you can enable the certificate again if necessary. When you remove a user-installed CA certificate, it is gone permanently and must be re-installed if you want it back.
- In the confirmation dialog that appears, click OK.