Installing root certificates on Android devices

A root certificate is a public key certificate issued by a trusted certificate authority (CA). Root certificates are used to verify custom certificates and guarantee their identity.

Kaspersky Security Center Web Console lets you add root certificates to be installed to a trusted certificate store on Android devices.

These certificates are installed on user devices as follows:

• On corporate devices, the certificates are installed automatically.

  If you delete a root certificate in the policy settings, it will also be automatically deleted on the device during the next synchronization with the Administration Server.

• On personal devices:
  • If a corporate container was not created, the device user is prompted to install each certificate manually in a personal space by following the instructions in the notification.
  • If a corporate container was created, the certificates are installed automatically to the container. If the Duplicate installation of root certificates in user's personal space check box is selected in the corporate container settings, the certificates can also be installed in a personal space. The device user is prompted to do this manually by following the instructions in the notification.

    If you delete a root certificate in the policy settings, it will also be automatically deleted on the device during the next synchronization with the Administration Server.

    For instructions on how to install certificates in a personal space, please refer to Installing root certificates on the device.

To add a root certificate:

1. In the main window of Kaspersky Security Center Web Console, select Assets (Devices) → Policies & profiles. In the list of group policies that opens, click the name of the policy that you want to configure.
2. In the policy properties window, select Application settings.
3. Select Android and go to the Device configuration section.
4. On the Root certificates card, click Settings.

   The Root certificates window opens.

5. Enable the settings using the Root certificates toggle switch.
6. Click Add.

   The file explorer opens.

7. Select a certificate file (a CER, PEM, KEY, or CRT file) and click Open.

   The certificate file must be no larger than 10 MB.

   The certificate will appear in the list of root certificates.

8. Click OK.
9. Click Save to save the changes you have made.

Mobile device settings are configured after the next device synchronization with Kaspersky Security Center.

Page top