On this page:
|With the recent changes to Firefox Mobile, the app no longer has support the of storing MIT Personal Certificates in the browser itself. However, Firefox Mobile can still be used to create a certificate file that can be opened to install the certificate into the root of the Android phone.|
As such, even though Firefox Mobile is used to get the certificate in this method, this method will allow the use of MIT certificates on Android using chrome, and not Firefox Mobile.
- Download the latest Firefox Mobile from the Google Play Store (or update your existing Firefox to the latest version).
- Open Firefox.
- Navigate to the personal certificate Install page.
- Fill out the username and password, (The system may ask to save this information, selecting “update” or “Don't update” doesn't affect the process.)
Result: You will be asked to login with Duo.
- Login with Duo.
Result: You will be prompted to generate a private key.
- Select the certificate age, by default the system should already have the maximum allowed date for the certificate expiration timer and click Next.
Result: An error appear that says "Your Browser Failed to generate a key, Please Generate and download your certificate."
- The certificate life should already be set. Create a Password for the certificate file by inputting a 6 Character password. (You are welcome to use your kerberos password for this). Put this password in the Import password and Re-enter password fields.
Result: Firefox should ask to download the file.
- Click on Download.
Result: The file downloads and you are prompted to open the file.
Unable to render embedded object: File (Screenshot_20200915-162154_Firefox.jpg) not found.
- Click Open.
- Alternatively, go to the home screen on your device and locate the My Files App.
- Tap on Downloads or go to /Internal storage/Download/ and locate the fill name #######-cert.p12. Where ####### is kerberos username for the certificate owner.
- Once located, open the file with the .p12 extension.
Result: The file opens and you are asked for the password you set in step
- After opening the certificate file, the system will ask for the password that was set in step II.2.
Result: It will ask you to create a name for the certificate and select what it is used for.
- Enter the information requested.
- For Certificate name, we suggest something Like "[istdraft:Yourname]'s MIT certificate." This will make it easier to locate and delete the certificate when it is required to reinstall it the certificate.
- For Used for, Select VPN and Apps.
- Click Okay.
Result: A confirmation should appear on the screen saying the certificate is installed.
- To check if the certificate is installed, open the android settings and going to Biometrics and Security >Other Security settings > User Certificates. This section is very basic and Android OS, but the certificate should have the name given in step II.2.a.
- To delete the certificate from the device just tap the Certificate and select Remove.
- The certificate can also be tested using Google Chrome at the Certificate test page.
Now that the certificate is installed into the root of the phone, the certificate can now be used in Google Chrome, Not Firefox.
This method allows the user to install a MIT certificate on in Android's root of the android system to be used in google chrome. Even though this process requires Firefox to download the certificate install the file, this does not install the certificate into Firefox mobile. At the time of this article, current versions of Firefox mobile can no longer receive or store personal certificates. As such, The certificates will not show that it is installed for Firefox. If you have a older versions of Firefox please see: [istcontrib:Installing Certificates with Android 7.x or Higher].