Add custom certificates to Headwind MDM

Question

I am currently facing the following challenge: in order to establish the connection to a certain page of the company, SSL certificates are required and has to be deployed to the mobile devices. After a long search in your forum as well as in the www, I have not yet found a solution to the problem.

The manual installation of the certificates runs smoothly. However, due to the number of devices, this is almost impossible.

Is it possible to automate the certificate installation to devices?

Answer 1

Custom certificates could be embedded in the source code of Headwind MDM in PEM format. Note that it's unsafe to transfer certificates through the network due to a possible interception attack.

To embed certificates in the source code, please do the following:

1. Prepare the certificates in PEM (BASE64-encoded) format, and put them to assets subdirectory (one file per certificate).

2. Add the file names (without path, just file names, e.g. mycert.pem, myrootcert.pem) to res/values/strings.xml in the "certificates" string array.

The certificates will be installed at first app start (including the initial enrollment).

Answer 2

Headwind MDM launcher version 5.28 and above allows to install certificates from files uploaded to the device storage.

1. Add certificate files in PEM format in the configuration details, Files tab.

2. Switch to the Application settings tab, and add the following setting:

Package ID: com.hmdm.launcher

Attribute: certificates

Value: comma-separated paths to certificates (relative to /storage/emulated/0).

Click Save to apply settings.

Comments

I have tried this method, and I can see the certificate in 'User certificates.' How can I install it into 'System certificates' on Android 14?

Thanks.

---

You cannot. System certificates are the certificates preinstalled in the Android ROM, and it is not possible to manage them by the app (at least if your device is not rooted).