Access Keys:
Skip to content (Access Key - 0)

Installing Certificates on Android

Getting Started

The below method has been tested using Android 11 and Google Chrome. Google Chrome is already installed on phones and tablets running Android 5.0+.
Browsers like Firefox and DuckDuckGo can download the certificate, but cannot access Android's keystore, and as such, you will need to authenticate to Touchstone using your Kerberos username and password. This also applies to apps like MIT Atlas and MIT Mobile.

Installing Certificates on Android

  1. Open Google Chrome and navigate to https://ca.mit.edu/ca/.

  2. Enter your Kerberos username and password in the respective fields and press "Next >>."


  3. Complete the Duo prompt.


  4. Keep the "Certificate Life" field set to its default value and press "Next >>" to receive the error "Your browser failed to generate a key." This is expected behavior.

    To learn more about this error, see Certificate Renewal Troubleshooting .

  5. Create a password for the certificate file that will be used for installation (in Step 7 below). Enter this new password in the "Import Password" and "Re-enter Password" fields, then press "Next >>."


  6. The certificate file should automatically download at this page. It can be found in your "Downloads" folder on your phone or in the notification tray by swiping down from the top of the screen.


  7. Once you've found the file, click on it and type the password you created earlier in the below prompt, then press "OK."


  8. Choose "VPN & app user certificate" and press "OK."


  9. Keep the default name for the certificate and press "OK."


  10. You will get a prompt reading "User Certificate installed," meaning you've successfully installed your certificate.

Checking Certificate Installs and Removing Old Certificates

Installed Certificates

  1. To check if the certificate is installed, navigate to your user credentials using the path below. There you will see the certificates installed on the device.

    Settings > Security > Advanced > Encryption & credentials > User credentials


  2. Within Google Chrome, you can also navigate to IS&T's Certificate Test Page and test your certificate

Removing certificates

  1. To remove a certificate, navigate to your user credentials using the path below. There you will see the certificates installed on the device.

    Settings > Security > Advanced > Encryption & credentials > User credentials


  2. Select the certificate you would like to remove, and press "Remove."


See Also

IS&T Contributions

Documentation and information provided by IS&T staff members


Last Modified:

July 09, 2021

Get Help

Request help
from the Help Desk
Report a security incident
to the Security Team
Labels:
android android Delete
firefox firefox Delete
certificates certificates Delete
google google Delete
chrome chrome Delete
c-certificates c-certificates Delete
certificate certificate Delete
install install Delete
duckduckgo duckduckgo Delete
Enter labels to add to this page:
Please wait 
Looking for a label? Just start typing.
Feedback
This product/service is:
Easy to use
Average
Difficult to use

This article is:
Helpful
Inaccurate
Obsolete
  1. Jul 26, 2021

    On my Samsung Galaxy S10e running Android 11, the path to the setting where you can view a certificate is different:
    Settings > Biometrics and security > Other security settings > User certificates

Adaptavist Theme Builder (4.2.3) Powered by Atlassian Confluence 3.5.13, the Enterprise Wiki