
Adding Caido's CA Certificate to the System Partition

In this tutorial, we will cover the process of adding Caido's CA certificate to the system-store of a virtual Android device.

NOTE

This tutorial is a continuation of Setup & Configuration and Proxying Browser Traffic. Ensure you have completed the previous steps before proceeding.

Renaming Caido's CA Certificate

Android's system certificate store only recognizes a CA certificate if its file name follows the expected format: the legacy hash (the value openssl prints for -subject_hash_old) of the certificate's subject field, with a .0 extension.

System storage certificate names.

To generate the correct certificate file name:

  1. Navigate to http://127.0.0.1:8080/ca.crt in a browser on your computer to download Caido's CA certificate.

  2. Open a terminal, navigate to the file system location of the certificate and enter the following command:

```bash
openssl x509 -inform PEM -subject_hash_old -in ca.crt
```

  3. Rename the certificate to the returned hash (printed between the command and -----BEGIN CERTIFICATE-----) with a .0 extension.
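As an added example (not part of the Caido documentation), the Python below computes that file name directly: it pulls the DER-encoded subject out of the certificate and applies the same legacy hash that openssl -subject_hash_old prints (MD5 of the DER subject, first four bytes read as a little-endian integer), so you can cross-check the name you got from the command above. The sample certificate at the bottom is constructed for demonstration only and is not Caido's real CA.

```python
import base64, hashlib

def pem_to_der(pem_text: str) -> bytes:
    body = [l for l in pem_text.splitlines() if l and not l.startswith("-----")]  # drop BEGIN/END lines
    return base64.b64decode("".join(body))

def _read_tlv(buf: bytes, pos: int):
    """Parse one DER TLV (single-byte tag) at pos -> (tag, value_start, value_end)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                                 # long-form length
        nbytes = length & 0x7F
        length = int.from_bytes(buf[pos:pos + nbytes], "big")
        pos += nbytes
    return tag, pos, pos + length

def extract_subject_der(cert_der: bytes) -> bytes:
    """Return the DER-encoded subject Name (whole TLV) of an X.509 certificate."""
    _, tbs_pos, _ = _read_tlv(cert_der, 0)            # Certificate SEQUENCE
    _, pos, _ = _read_tlv(cert_der, tbs_pos)          # tbsCertificate SEQUENCE
    tag, _, end = _read_tlv(cert_der, pos)
    if tag == 0xA0:                                   # optional [0] EXPLICIT version
        pos = end
    for _ in range(4):                                # serialNumber, signature, issuer, validity
        _, _, pos = _read_tlv(cert_der, pos)
    _, _, end = _read_tlv(cert_der, pos)              # subject Name
    return cert_der[pos:end]

def subject_hash_old(name_der: bytes) -> str:
    """Same value as openssl -subject_hash_old: MD5 of the DER Name, first 4 bytes little-endian."""
    digest = hashlib.md5(name_der).digest()
    return f"{int.from_bytes(digest[:4], 'little'):08x}"

def android_cacert_filename(pem_text: str) -> str:
    """File name the certificate needs under /system/etc/security/cacerts/ (<hash>.0)."""
    return subject_hash_old(extract_subject_der(pem_to_der(pem_text))) + ".0"

def der_tlv(tag: int, payload: bytes) -> bytes:
    """Encode a short-form DER TLV (payload < 128 bytes); used only to build the sample."""
    assert len(payload) < 0x80
    return bytes([tag, len(payload)]) + payload

# Constructed sample certificate: structurally valid but unsigned, NOT Caido's real CA.
_RSA_SHA256 = der_tlv(0x30, der_tlv(0x06, bytes.fromhex("2a864886f70d01010b")))  # sha256WithRSA
SAMPLE_SUBJECT = der_tlv(0x30, der_tlv(0x31, der_tlv(0x30,                             # CN=Caido CA
    der_tlv(0x06, bytes.fromhex("550403")) + der_tlv(0x0C, b"Caido CA"))))
SAMPLE_DER = der_tlv(0x30, der_tlv(0x30,                                               # Certificate
    der_tlv(0xA0, der_tlv(0x02, b"\x02")) + der_tlv(0x02, b"\x01") + _RSA_SHA256        # v3, serial, sig alg
    + SAMPLE_SUBJECT + der_tlv(0x30, der_tlv(0x17, b"240101000000Z") * 2) + SAMPLE_SUBJECT)
    + _RSA_SHA256 + der_tlv(0x03, bytes(5)))                                           # sig alg, signature
SAMPLE_PEM = f"-----BEGIN CERTIFICATE-----\n{base64.b64encode(SAMPLE_DER).decode()}\n-----END CERTIFICATE-----\n"
```

Feed the downloaded ca.crt to android_cacert_filename to get the name for the rename step; the result should match the hash openssl printed.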

Adding the Certificate

NOTE

This method will only work for virtual devices with an Android API level <= 33.

To add the certificate to the system level certificate storage of the device:

  1. In the Projects interface of the Android Studio window, click on the More Actions button and select SDK Manager.

SDK Manager.

  2. Select Android SDK from the Languages & Frameworks drop-down menu.

  3. Add the emulator directory (a subdirectory of the file system location stated in the Android SDK Location field) to your system's PATH environment variable.

Android SDK Location.

  4. Open a terminal and execute the emulator tool with -list-avds to ensure the device is listed.

```bash
emulator -list-avds
```

  5. Execute the emulator tool with the name of your device as the value of the -avd argument and the -writable-system flag (if your device is currently running, terminate it first by clicking the button of its associated row in the Device Manager window).

```bash
emulator -avd <device-name> -writable-system
```

  6. Once the device has booted up, open a new terminal and execute the adb tool with devices to ensure the device is listed.

```bash
adb devices
```

List of connected virtual Android devices.

  7. Execute the adb tool with the device ID as the value of the -s argument and root to gain root privileges.

```bash
adb -s <device-id> root
```

Restarting for root privileges.

  8. Execute the adb tool against the device with shell avbctl disable-verification to disable secure boot verification.

```bash
adb -s <device-id> shell avbctl disable-verification
```

Disabling verification.

  9. Execute the adb tool against the device with reboot to reboot the device.

```bash
adb -s <device-id> reboot
```

  10. Once the device has rebooted, gain root privileges again.

```bash
adb -s <device-id> root
```

  11. Execute the adb tool against the device with remount to remount the partition as read/write.

```bash
adb -s <device-id> remount
```

Remounting.

  12. In your terminal, navigate to the file system location of the renamed certificate.

  13. Execute the adb tool against the device with the filename of the renamed certificate as the value of the push argument to copy it into the system partition.

```bash
adb -s <device-id> push <hash.0> /system/etc/security/cacerts/
```

  14. Execute the adb tool with shell chmod 664 -v to set the proper permissions on the certificate by specifying its file system location on the device.

```bash
adb -s <device-id> shell chmod 664 -v /system/etc/security/cacerts/<hash.0>
```

Certificate permissions.

  15. Reboot the device again for the changes to take effect.

```bash
adb -s <device-id> reboot
```

  16. Once the device has rebooted, execute the adb tool against the device with reverse tcp:8080 tcp:8080 to forward traffic to Caido.

```bash
adb -s <device-id> reverse tcp:8080 tcp:8080
```

TIP

To verify the addition of the certificate:

  1. On the device, navigate to the Settings interface.

  2. In the Search settings input field, search for and select Trusted credentials.

  3. Click on Trusted credentials and locate Caido in the System tab certificate list.

Once the certificate has been installed, interacting with certain applications on the device will add rows to the HTTP History traffic table in Caido.

NOTE

If traffic is not appearing in the HTTP History table in Caido, try:

  • Disabling Mobile data usage.

  • Disabling any VPN connections.

  • Setting the Wi-Fi Proxy hostname to 10.0.2.2.

If application traffic is still not proxied through Caido or you are encountering errors/limitations in functionality, continue with the Modifying an Android Application tutorial.