search

ys1231 / MoveCertificate

支持Android7-14移动证书,兼容magiskv20.4+/kernelsu/APatch, Support Android7-14, compatible with magiskv20.4+/kernelsu/APatch
https://github.com/ys1231/MoveCertificate
Apache License 2.0
654 stars 75 forks source link

doesn't work on ONEPLUS Ace 3 #28

Closed zr4in closed 1 month ago

zr4in commented 1 month ago

Additional context I followed “手动安装证书到系统证书目录” The certificate is still in user's direcotry after reboot.

/data/adb/modules/MoveCertificate/install.log is shown below:

[iyue_MoveCertificate] Keep only one up-to-date log
[iyue_MoveCertificate] start move cert !
[iyue_MoveCertificate] current sdk version is 34
[iyue_MoveCertificate] Backup system certificates
[iyue_MoveCertificate] Backup user custom certificates
[iyue_MoveCertificate] Backup user custom certificates
[iyue_MoveCertificate] Backup user custom certificates status:0
[iyue_MoveCertificate] fix user permissions: /data/misc/user/0/cacerts-added/
[iyue_MoveCertificate] fix user permissions status:0
[iyue_MoveCertificate] fix permissions: /data/adb/modules/MoveCertificate/certificates
[iyue_MoveCertificate] fix permissions: 0
[iyue_MoveCertificate] find system conscrypt directory
[iyue_MoveCertificate] find conscrypt directory: /apex/com.android.conscrypt@340090000
[iyue_MoveCertificate] certificates installed
ys1231 commented 1 month ago

By default, it is installed in both the system certificate directory and the user certificate directory. You can try to grab the package and make sure.

zr4in commented 1 month ago

I tried use polarproxy to provide a socks5 proxy and appproxy as a socks5 client. Still cannot see any decrypted tls traffic. ls /system/etc/security/cacerts shows that the certificate is not there.

ys1231 commented 1 month ago

The certificate you converted manually may be wrong. You can try to use the system's own settings to install the certificate and restart it, or extract '****.0' from another phone after installing it and put it in '/data' /local/tmp/cert' inside

zr4in commented 1 month ago

Thanks for your patience. I've actually tried using the system's setting page. The certificate is still in user's directory. The content of install.log:

[iyue_MoveCertificate] Keep only one up-to-date log
[iyue_MoveCertificate] start move cert !
[iyue_MoveCertificate] current sdk version is 34
[iyue_MoveCertificate] Backup system certificates
[iyue_MoveCertificate] Backup user custom certificates
[iyue_MoveCertificate] Backup user custom certificates
[iyue_MoveCertificate] The directory '/data/local/tmp/cert' is empty.
[iyue_MoveCertificate] Backup user custom certificates status:0
[iyue_MoveCertificate] fix user permissions: /data/misc/user/0/cacerts-added/
[iyue_MoveCertificate] fix user permissions status:0
[iyue_MoveCertificate] fix permissions: /data/adb/modules/MoveCertificate/certificates
[iyue_MoveCertificate] fix permissions: 0
[iyue_MoveCertificate] find system conscrypt directory
[iyue_MoveCertificate] find conscrypt directory: /apex/com.android.conscrypt@340090000
[iyue_MoveCertificate] certificates installed
zr4in commented 1 month ago

I'll try to extract the certificate from another phone later.

ys1231 commented 1 month ago

!!!, both directories will be placed, otherwise chrome will not be able to catch it

zr4in commented 1 month ago

OK, I'm trying.

zr4in commented 1 month ago

Sorry for the delay. I'm not sure about the "both directories" are which. I manually installed the certificate in system's setting page and extract ‘xxxxxx.0’ from another phone then push it to /data/local/tmp/cert. Nothing changes. install.log:

[iyue_MoveCertificate] Keep only one up-to-date log
[iyue_MoveCertificate] start move cert !
[iyue_MoveCertificate] current sdk version is 34
[iyue_MoveCertificate] Backup system certificates
[iyue_MoveCertificate] Backup user custom certificates
[iyue_MoveCertificate] Backup user custom certificates
[iyue_MoveCertificate] Backup user custom certificates status:0
[iyue_MoveCertificate] fix user permissions: /data/misc/user/0/cacerts-added/
[iyue_MoveCertificate] fix user permissions status:0
[iyue_MoveCertificate] fix permissions: /data/adb/modules/MoveCertificate/certificates
[iyue_MoveCertificate] fix permissions: 0
[iyue_MoveCertificate] find system conscrypt directory
[iyue_MoveCertificate] find conscrypt directory: /apex/com.android.conscrypt@340090000
[iyue_MoveCertificate] certificates installed
zr4in commented 1 month ago

I manually installed the certificate in system's setting page and extract ‘xxxxxx.0’ from another phone then push it to /data/local/tmp/cert.

Is this the correct way to use this module?

ys1231 commented 1 month ago

In theory, you only need to install the certificate in the system settings.

zr4in commented 1 month ago

On the Pixel 6, I installed the certificate through the system settings successfully. Anyway, I finally decided to give up and try a different phone.

zr4in commented 1 month ago

update: Works fine with ONEPLUS 8 Pro running ColorOS13 (IN2020_13.1.0.120(CN01)). Only need to install the certificate via the system settings and reboot. After that, the certificate will be located in both the user's directrory and the system's directory.