Recently I bought a new Android phone and as I’m using it in WPA2-Enterprise network, I needed to import a client certificate.
All the tutorials about installing user certificates on your Android — both official ones and user-authored — mention to take your PKCS#12 file, put it on the root folder of your SD card and import in Android from Settings > Location and security > Install encrypted certificates menu option.
The problem is that no matter how hard I tried converting certs and keys in all the possible ways, I failed. My phone was constantly refusing cooperation, happily announcing that
No certificate file found in the SD card.
It was driving me crazy because I knew it used to work on my old phone. Searching the web I spot a fragment in Galaxy Nexus User’s Guide about importing certificates (page 104):
To install a certificate from your phone’s internal storage:
1. Copy the certificate or key store from your computer to the root of your device’s internal storage (that is, not in a folder).
2. From a Home or All Apps screen, touch the Settings icon.
3. Go to Personal > Security > Credential storage > Install from storage
Did you notice the shift from “SD card” to “Internal storage”? Well, Nexus is 4.0-based and my Galaxy S Plus works on 2.3.4, but what the heck… I tried and it worked!
So, if you have Samsung Galaxy S Plus (I9001) and your device can’t find certificates on SD card, just try to put them into internal storage.
I wonder whether this is the Samsung mistake of copying too much from their 4.0 codebase to older phones’ software, or other phones also exhibit this behavior?