Does not work

[T3rm1]

Tested it with an old phone (Samsung 4 Mini) but that shouldn't matter.

Android 7.1.2 Magisk Manager: 7.5.1 Magisk: 20.4 MagiskTrustUserCerts: 0.4

1. Installed the zip as module through Magisk Manager
2. Rebooted
3. Installed certificate the normal way (install from disk)
4. Verified it is in user certificates
5. Rebooted

Certificate is still in user tab but not in system tab.

Also there is no certificate in /sbin/.magisk/\/system/etc/security/cacerts

[TheDauntless]

Can you provide the Magisk log (can be found in Magisk Manager)?

Did you also generate your certificate to have a shorter lifetime, so that Android accepts it? See https://blog.nviso.eu/2018/01/31/using-a-custom-root-ca-with-burp-for-inspecting-android-n-traffic/ for more info and commands on how to generate the certificate.

I'll add that explanation to this repo as well.

[T3rm1]

--------- beginning of main
--------- beginning of system
05-08 13:09:09.353   185   185 I Magisk  : Magisk 20.4(20400) daemon started
05-08 13:09:09.353   185   185 I Magisk  : * Device API level: 25
05-08 13:09:12.332   185   281 I Magisk  : ** post-fs-data mode running
05-08 13:09:12.334   185   281 I Magisk  : * Initializing Magisk environment
05-08 13:09:12.399   185   281 I Magisk  : * Mounting mirrors
05-08 13:09:12.400   185   281 I Magisk  : mount: /sbin/.magisk/mirror/system
05-08 13:09:12.400   185   281 I Magisk  : mount: /sbin/.magisk/mirror/data
05-08 13:09:12.400   185   281 I Magisk  : link: /sbin/.magisk/mirror/vendor
05-08 13:09:12.403   185   281 I Magisk  : * Setting up internal busybox
05-08 13:09:12.500   185   281 I Magisk  : * Running post-fs-data.d scripts
05-08 13:09:12.618   185   281 I Magisk  : * Running module post-fs-data scripts
05-08 13:09:12.618   185   281 I Magisk  : * Loading modules
05-08 13:09:12.619   185   281 I Magisk  : trustusercerts: constructing magic mount structure
05-08 13:09:13.218   185   335 I Magisk  : ** late_start service mode running
05-08 13:09:13.219   185   335 I Magisk  : * Running service.d scripts
05-08 13:09:13.220   185   335 I Magisk  : * Running module service scripts
05-08 13:09:53.566   185  1301 I Magisk  : ** boot_complete triggered

I did not change the expiration date. I will keep that in mind. This is not the problem here though because when I copy the certificate manually into the system cert folder it shows up correctly in the settings. So the certificate is valid.

[TheDauntless]

I just pushed an update, I think the plugin was only copying certs when it was installed, instead of on each reboot. Can you try out the latest version from the repo?

[T3rm1]

Why is it post-fs-data.sh instead of service.sh? module.prop has a strict format afaik. You have a prop minMagisk in there which is not supported.

I tried it as service.sh and it worked but only after rebooting twice. So maybe it is required to execute it as post-fs-data. I assume when it is executed in late start all the certs have already been added to the secure store so it was working when rebooting again since then the cert was already there.