Copy the root.cer file, located in the ZebraTester’s RunTime Data folder (macOS) or the ZebraTester main folder (Windows).
|macOS
Windows 10
| | | | | |openssl x509 -in root.cer -out \[rootcertnewname.pem]
Example: openssl x509 -in root.cer -out rootcertzt55z.pem
In your new folder you will see the new PEM formatted file after running the command.
| | | | | |We need to get the hash value from the original root certificate. Execute the following command that extracts this value to a new line.
If you are using Linux or Mac, execute the following command:
openssl x509 -inform PEM -subject\_hash\_old -in rootcertnewname.pem | head -1
==> hashvalue
Example: openssl x509 -inform PEM -subject\_hash\_old -in rootcertzt55z.pem | head -1
==>9e8079bd
If you are using Windows, execute the following command:
openssl x509 -inform PEM -subject\_hash\_old -in cert.pem | more +0
==> hashvalue
Example: openssl x509 -inform PEM -subject\_hash\_old -in rootcertzt55z.pem | more +0
==> 5h543h5a
Send the output of the PEM to the named file \[hash value+extension of Zero '0'] with this concatinating command.
cat rootcertnewname.pem > \[hashvalue.0]
Example: cat rootcertzt55z.pem > 9e8079bd.0
If you are using Windows, run the above command in Powershell instead of a normal command prompt.
| | | | | | |If you are using Linux or Mac, execute the following command:
openssl x509 -inform PEM -text -in rootcertnewname.pem -out /dev/null >> hashvalue.0
Example:
openssl x509 -inform PEM -text -in rootcertzt55z.pem -out /dev/null >> 9e8079bd.0
If you are using Windows, execute the following command:
openssl x509 -inform PEM -text -in cert.pem -out $null >> hashvalue.0
Example:
openssl x509 -inform PEM -text -in cert.pem -out $null >> 5h543h5a.0
You should see the original hashvalue.0 file increase in size when you add the output of the PEM file.
| | | | | |After restarting, you need to use Android’s Developer Mode to be able to use the Root Certificate that you created earlier.
From Android (Tablet or Phone) Settings, scroll to the About Tablet/Phone and click in. Then scroll to the very bottom to Build Number and click that section 7 or 8 times until you see that you are now a developer.
| | | | | | |Under Settings, now that you are a developer, there will be a {} Developer Options that will include a USB debugging Mode
hashvalue.0 file (the example file 9e8079bd.0) to the \adb subdirectory and Change Directory to \adb.To start the server running at port 21503, enter:
C:\adb>adb connect localhost:21503
Proper response:
connected to localhost:21503
Enter
adb push hashvalue.0 /system/etc/security/cacerts
Example
adb push 9e8079bd.0 /system/etc/security/cacerts
If you get the message:
failed to copy ‘9e8079bd.0’ to ,/system/etc/security/cacerts/9e8079bd.0’: couldn't create file: Read-only file system
this is because ADB is not running as root so do an ADP REMOUNT:
C:\adb>adb remount
And you should getremount succeeded
And then re-enter that command
C:\adb>adb push 9e8079bd.0 /system/etc/security/cacerts
If this is run correctly, you will see how fast the push went:
Example: 1195 KB/S (5074 bytes in 0.025s)
Using the shell feature of ADB, change to the cacerts subdirectory to change the Root Certificate file permissions to read.
Change directory /etc/security/cacerts
Example
G011A:/etc/securitv/cacerts # chmod 644 ./9e8079bd.0
Follow Android Settings → Security → Trusted Credentials. Scroll down to find the Apica Certificate.
| | | | | | | | | | | | |