-
Notifications
You must be signed in to change notification settings - Fork 77
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Certificate rejected arbitrarily after showing "System Trust Enabled" #21
Comments
Does this apply to all apps, or does it work in some apps but not in others? Is it always the same requests/hostnames that fail? What Magisk version are you using? Do you have any Magisk modules installed, or anything else unusual that might affect this? If you create a non-playstore emulator without Magisk you'll have root access via ADB anyway - in that case, does it work correctly? That case (using vanilla emulators directly) is quite heavily tested and I've never seen it fail. It could be that a recent change in how Magisk works has caused this... Can you please:
|
Thank you @pimterry for your early reply.
I hope this helps. |
This is really interesting, and I've done some digging but I haven't been able to work out what could cause this... There's nothing obviously wrong in the logs there, but this clearly isn't working correctly. Can you share full detailed steps to set up an equivalent emulator, so I can see this for myself? E.g.
As specific as possible to make sure that the environment exactly matches would be great. If you can share enough info that I can set up an identical emulator myself, from there it should be much easier to work out what's going on, and get a proper working fix for you. |
I get to this screen after I run install with adb:
This is the output window for HTTP toolkit
Emulator is user dev build with Magisk installed as root and working fine.
My device is an emulator on Android 12 x86_64 running on Pixel 6 6.4(1080x2400 420 dpi)(no playstore)
It works sometimes(1 in 10 maybe) and then all of a sudden "Certificate rejected". I have verified that my certificate is present in the /system/etc/security/cacerts but for some reason it does not show in the Trusted Certificates section. I tried to run the script manually with burp suite and it got installed in the folder but not showing in the Trusted Certificates on the device.
The format of the certificate is PEM converted to (.0 android) and I observed that the certificate created by us only has certificate begin and end but the certificates that are working example(Starfield Class 2 Certification Authority) has a lot more standard data about the certificate with SHA1 Fingerprint.
Can someone from the team help me in debugging this.
The text was updated successfully, but these errors were encountered: