DIY/wiki
2
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Wiki page ssl changed with summary [[Android] added android 14 "certificate in system"] by Dan

Browse source
This commit is contained in:
ORG_User 2024-05-26 00:56:40 +02:00
parent 1a8272aa95
commit ccb47c5e65
1 changed files with 39 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

40
pages/de/server/services/ssl.txt
View file

@ -160,6 +160,7 @@ hashed_name=`openssl x509 -inform PEM -subject_hash_old -in rootCA.pem | head -1
ls $hashed_name.0 ls $hashed_name.0
</code> </code>
**Android 13:**
<code> <code>
adb root adb root
adb shell mount -o rw,remount / adb shell mount -o rw,remount /
@ -169,7 +170,44 @@ adb shell chown root:root /system/etc/security/cacerts/$hashed_name.0
adb shell reboot adb shell reboot
</code> </code>
Du kannst auch die Magisk-Module [[https://github.com/NVISOsecurity/MagiskTrustUserCerts/releases|MagiskTrustUserCerts]] (Android 13) oder [[https://github.com/nccgroup/ConscryptTrustUserCerts|ConscryptTrustUserCerts]] (Android 14) verwenden, dass das gleiche wie oben macht. **Android 14 (this only works until a restart):**
<code>
adb root
adb shell mkdir -p -m 700 /data/local/tmp/cacerts
adb shell cp /apex/com.android.conscrypt/cacerts/* /data/local/tmp/cacerts/
adb shell mount -t tmpfs tmpfs /system/etc/security/cacerts
adb shell mv /data/local/tmp/cacerts/* /system/etc/security/cacerts/
adb push $hashed_name.0 /system/etc/security/cacerts/
adb shell chown root:root /system/etc/security/cacerts/*
adb shell chmod 644 /system/etc/security/cacerts/*
adb shell chcon u:object_r:system_file:s0 /system/etc/security/cacerts/*
adb shell
</code>
<code>
ZYGOTE_PID=$(pidof zygote || true)
ZYGOTE64_PID=$(pidof zygote64 || true)
for Z_PID in "$ZYGOTE_PID" "$ZYGOTE64_PID"; do
if [ -n "$Z_PID" ]; then
nsenter --mount=/proc/$Z_PID/ns/mnt -- \
/bin/mount --bind /system/etc/security/cacerts /apex/com.android.conscrypt/cacerts
fi
done
APP_PIDS=$(
echo "$ZYGOTE_PID $ZYGOTE64_PID" | \
xargs -n1 ps -o 'PID' -P | \
grep -v PID
)
for PID in $APP_PIDS; do
nsenter --mount=/proc/$PID/ns/mnt -- \
/bin/mount --bind /system/etc/security/cacerts /apex/com.android.conscrypt/cacerts &
done
</code>
Du kannst auch die Magisk-Module [[https://github.com/NVISOsecurity/MagiskTrustUserCerts/releases|MagiskTrustUserCerts]] (Android 13) oder [[https://github.com/nccgroup/ConscryptTrustUserCerts|ConscryptTrustUserCerts]] (Android 14) verwenden, dass das gleiche quasi wie oben macht.
=== CA-Zertifikate von Drittanbietern für Firefox verwenden === === CA-Zertifikate von Drittanbietern für Firefox verwenden ===