Android and PKI Certificates

I have noticed several recent searches leading to my blog posts associated with “installing certificates on Android”.

As an avid Android user (1.5 and 2.1), I have not had to install a certificate on my device to make it work with my back-end Exchange Server 2010 system that requires SSL.

Additionally, I have not found a way to install .CER files on an Android device – either 1.5 or 2.1.

Please feel free to leave a comment if you have questions or are having trouble with Android and ActiveSync.

Advertisements

About Tim Smeltzer
I am a husband, father, and technologist. While I am very much interested in almost all technology, my current area of specialty is secure mobile messaging. You will find me blogging from time to time on mobile technology - what I think is cool, what I think is not cool, and how to do things. Please be nice if you leave me comments. I am really trying to help!

7 Responses to Android and PKI Certificates

  1. Thomas Kwan says:

    I am very much interested in mobil PKI. My current research is design a PKI for mobile device. Althuogh it is just a begining, I hope it can come true in the near future. As I am newbie in this topic, do you have any suggestion for me to deal with Andriod?

    • Tim Smeltzer says:

      Thomas… I would start with defining what function you are trying to enable on mobile devices. Then work back from that. PKI is an enabler (it enables you to do digital signing, encryption, and decryption). As far as Android devices, they already support .p12 files and many also support .CER files. If I were working on this area, I would look at bridging the gap between the ability of the device to install PKI certificates and the ability of apps (primarily email) to use those certificates. Hope that helps! Tim

  2. Richard says:

    Tim,
    Android and PKI. We are currently looking at developing apps in my office that require a smart card validation for access. We had moved away from maintaining userid and pwd some time ago. Smartphones have come a long way and the ability to interface with web based logistics systems is an essential part of our future planning. If Blackberry (I don’t know this for sure) has for the most part solved the PKI issue is there a solution in the immediate future for Androids.

    R/Richard

    • Tim Smeltzer says:

      Richard,

      Some vendors are interested, but there is the challenge of the Android splinter – so many versions of the OS, changes/shells from the device manufacturers, and mods made by the carriers. I am VERY interested in Android and PKI. I wish I could tell you here who was working it, but NDAs prevent me from doing so. I will email you some more information from .mil account.

      R/Tim

  3. J.R. Riehle says:

    I too am very interested in Android PKI support – including OCSP. It has been very painful to date – hard to believe that a modern OS does not natively support this. Please send any info you have to my .mil address.

    Current device is a HTC ThunderBolt and I cannot sign e-mails! (Not to mention e-mail or full device encryption.) Most vendors have issues with just the root and user certs – and we throw in intermediates.

    Vendors don’t get OCSP either – no secondary ( or more) fail-over sites at all.

    Thanks,

    ~J.R.

  4. Thomas Kwan says:

    Dear guys,

    I am interested in PKI + mobile devices too. Please help to share your information with me through my email account.

    Thanks,

    TK

    • Tim Smeltzer says:

      Thomas… how are you looking to use PKI with mobile devices? There is currently fairly good support for S/MIME messaging on WinMo, BB, and iPhone devices. There is still work to be done for Android. Tim

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: