Google system apps don't trust adguard certificate when installed using this module in devices running Android 10+ out of the box

[techIndia-hacker]

Google system apps don't trust adguard when installed using this module but this problem does not happen if adguard itself puts the certificate in system store using root access in Android 10.

Please fix this problem as not all phones have rewritable cacerts folder. Only in Samsung phones one can place certificate in system store with su

[ianmacd]

What model of device do you have and what error message do you get?

[techIndia-hacker]

Device samsung M40. And adguard has certificate conflict notification inbuilt

This error is solved if adguard itself installs the certificate in trusted system store, but not all devices like (OnePlus 8 {my other device}) has rewritable system partition. Both devices runs Android 10

[techIndia-hacker]

Were u able to reproduce the issue? All u need is a device Android 10 device running out of the box. If u test with adguard u need to disable error suppression in low level settings in https opportunistic bypass

[ianmacd]

Were u able to reproduce the issue? All u need is a device Android 10 device running out of the box. If u test with adguard u need to disable error suppression in low level settings in https opportunistic bypass

I don't see this error on my Note10+, Fold or Tab S6, but I have just installed a Note20 Ultra and this device has the problem you describe.

I don't have a solution yet.

[techIndia-hacker]

Were u able to reproduce this problem while using adguard? Also have u disabled this(in the picture)? It's an error suppression technique for frustrated noobs😉😂

You will see that all Google system apps like Play Store, Play services, Vanced YouTube even don't trust module pushed adguard certificate. Please confirm again if u r able to reproduce these errors 🙂

[ianmacd]

I find now that the errors persist on my Note20 Ultra even when the certificate is actually moved to the system store outside of Magisk, so either method causes these rejections on this device.

[techIndia-hacker]

I didn't understand the"outside of magisk" part. What did u do exactly?

On Thu, 27 Aug, 2020, 12:28 pm Ian Macdonald, notifications@github.com wrote:

I find now that the errors persist on my Note20 Ultra even when the certificate is actually moved to the system store outside of Magisk, so either method causes these rejections on this device.

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/Magisk-Modules-Repo/movecert/issues/9#issuecomment-681642733, or unsubscribe https://github.com/notifications/unsubscribe-auth/AN3FHQZR6OOZGCUHPZUG3LDSCX7YRANCNFSM4QCXUPRQ .

[ianmacd]

I didn't understand the"outside of magisk" part. What did u do exactly?

I actually moved the certificate to the store, rather than superimposing it there using this module.

[ianmacd]

I've now opened an AdGuard issue for this.

https://github.com/AdguardTeam/AdguardForAndroid/issues/3553

[techIndia-hacker]

Did u move using adguard move anyway button? How exactly did u place the certificate in system store directly? Cause system partition is read only unless mounted from twrp!!

I reported them already about this issue twice but they couldn't reproduce this bug themselves and closed the issue saying probably it's a magisk module issue

As a way out they created the error suppression thing as https filtering bypass

[techIndia-hacker]

I have solved this issue. After much sleepless nights I finally was able to kill Google SSL pinning

[ianmacd]

I have solved this issue. After much sleepless nights I finally was able to kill Google SSL pinning

Could you detail how you did it? Might be useful for others who want to do the same thing.

[techIndia-hacker]

I have done this exploiting a bug in Android. If openly written here, it will be plugged by Google immediately. So I won't. However I have already approached adguard and waiting for official proceedings regarding this matter.

Share a private mail

On Sat, 29 Aug 2020, 3:34 pm Ian Macdonald, notifications@github.com wrote:

I have solved this issue. After much sleepless nights I finally was able to kill Google SSL pinning

Could you detail how you did it? Might be useful for others who want to do the same thing.

— You are receiving this because you modified the open/close state. Reply to this email directly, view it on GitHub https://github.com/Magisk-Modules-Repo/movecert/issues/9#issuecomment-683268303, or unsubscribe https://github.com/notifications/unsubscribe-auth/AN3FHQ4WRTO4PYH4OMDSN43SDDHCXANCNFSM4QCXUPRQ .

[techIndia-hacker]

Shit SSL pinning can't be disabled in OnePlus stock rom but it the trick works fine with Android 10 aosp custom roms and in samsung stock too

[techIndia-hacker]

Ok I found Google system apps will not use ssl pinning if they are kept unhidden in magisk hide. This fixes the issue for me.

[techIndia-hacker]

I would like to know about the module program. What is happening exactly after moving the certificates to system store as coded in the shell program?