Closed T3rm1 closed 4 years ago
Can you provide the Magisk log (can be found in Magisk Manager)?
Did you also generate your certificate to have a shorter lifetime, so that Android accepts it? See https://blog.nviso.eu/2018/01/31/using-a-custom-root-ca-with-burp-for-inspecting-android-n-traffic/ for more info and commands on how to generate the certificate.
I'll add that explanation to this repo as well.
--------- beginning of main
--------- beginning of system
05-08 13:09:09.353 185 185 I Magisk : Magisk 20.4(20400) daemon started
05-08 13:09:09.353 185 185 I Magisk : * Device API level: 25
05-08 13:09:12.332 185 281 I Magisk : ** post-fs-data mode running
05-08 13:09:12.334 185 281 I Magisk : * Initializing Magisk environment
05-08 13:09:12.399 185 281 I Magisk : * Mounting mirrors
05-08 13:09:12.400 185 281 I Magisk : mount: /sbin/.magisk/mirror/system
05-08 13:09:12.400 185 281 I Magisk : mount: /sbin/.magisk/mirror/data
05-08 13:09:12.400 185 281 I Magisk : link: /sbin/.magisk/mirror/vendor
05-08 13:09:12.403 185 281 I Magisk : * Setting up internal busybox
05-08 13:09:12.500 185 281 I Magisk : * Running post-fs-data.d scripts
05-08 13:09:12.618 185 281 I Magisk : * Running module post-fs-data scripts
05-08 13:09:12.618 185 281 I Magisk : * Loading modules
05-08 13:09:12.619 185 281 I Magisk : trustusercerts: constructing magic mount structure
05-08 13:09:13.218 185 335 I Magisk : ** late_start service mode running
05-08 13:09:13.219 185 335 I Magisk : * Running service.d scripts
05-08 13:09:13.220 185 335 I Magisk : * Running module service scripts
05-08 13:09:53.566 185 1301 I Magisk : ** boot_complete triggered
I did not change the expiration date. I will keep that in mind. This is not the problem here though because when I copy the certificate manually into the system cert folder it shows up correctly in the settings. So the certificate is valid.
I just pushed an update, I think the plugin was only copying certs when it was installed, instead of on each reboot. Can you try out the latest version from the repo?
Why is it post-fs-data.sh
instead of service.sh
?
module.prop has a strict format afaik. You have a prop minMagisk
in there which is not supported.
I tried it as service.sh
and it worked but only after rebooting twice. So maybe it is required to execute it as post-fs-data.
I assume when it is executed in late start all the certs have already been added to the secure store so it was working when rebooting again since then the cert was already there.
Tested it with an old phone (Samsung 4 Mini) but that shouldn't matter.
Android 7.1.2 Magisk Manager: 7.5.1 Magisk: 20.4 MagiskTrustUserCerts: 0.4
Certificate is still in user tab but not in system tab.
Also there is no certificate in /sbin/.magisk/\/system/etc/security/cacerts