In technical terms, keystore is a storage space on your computer (or smartphone) reserved for all the digitally signed security certificates and their relevant information. Using valuable information from this keystore, your device (or rather the browser) learns whether a specific website that is being visited is safe (trusted) or not. Android OS has its own Certificate Authority keystore (located in /system/etc/security/cacerts.bks) where all the information pertaining to security certificates is stored. Accessing the Android keystore is not easy but thanks to the efforts of XDA-Developer’s member remzicavdar, now we have CACertMan – an Android app that not only lets you access your (rooted) Android’s Certificate Authority keystore but also lets you manage various certificate entries stored in it so that you can always surf the web without any safety concerns. Details, screenshots and download link after the break.
While surfing web on computers has been made quite safer through the extensive use of pishing filters, firewalls, antivirus programs (with internet security) and other web-based protection tools, options are quite scarce for smartphone users when it comes to learning whether the website they’re visiting on their device is safe or not. Moreover, you do not have much control over various certificate entries that might be residing silently in your Android’s keystore, thereby helping leak out your personal information to malicious entities over the web.
CACertMan is a comprehensive digital certificate manager for rooted Android devices that lets you browse, search, backup, restore and even delete SSL Root Authority certificates (listed in form of separate entries). The app serves as a handy tool for worldwide developers and general users as they can easily clean their Android devices of all the certificate entries coming from untrusted sources including those from DigiNotar, CNNIC and others. Obviously, you must have adequate information about the various certificates, their source and their authenticity to play around with them.
Once permitted root access, CACertMan lists out all the digital certificates stored in the Certificate Authority keystore of your Android device. Tapping on the name of an entry reveals brief info about it such as its keys, serial number and date of expiry etc. You can tap on the Menu button on your device to easily search, save, backup and restore your keystore database. To delete an unwanted entry, just long press on it’s title and select Delete.
CACertMan offers ample control over your device’s keystore data and lets you decide whether to keep a certain certificate entry in the database or not. Since the app is still in testing phases, you might experience a few force-closes (as happened with us during a brief test-run of the app on our HTC Desire Z running CyanogenMod 7) and/or issues with saving the database. The developer promises that future releases of CACertMan will bring further enhancements and features such as disabling specific certificates rather than deleting them once and for all.
Note: CACertMan works only with rooted devices. Learn more about how to root your Android device.