Install Burp Suite's or any CA certificate to the system store in Android 10, 11 and Kali Linux.

n00🔑
Oct 24, 2020

Hi readers, if you would like to understand what a CA (Certificate Authority) is and how client and server interact, please watch this video: https://www.youtube.com/watch?v=T4Df5_cojAs. It will give you a basic idea of how HTTPS works. Otherwise, if you know basic asymmetric (also known as public-key) cryptography, you are good to go.

Each device that uses SSL/TLS has a CA certificate store which contains the public keys of all the trusted CAs (Firefox maintains its own store). There is also something known as certificate chains (the chain of trust), but that is out of scope for this topic.

In Android there are two CA certificate stores: User and System.

The User store contains certificates installed by user-installed apps such as AdGuard, sslAnalyzer, etc., or by the user themselves for intercepting HTTPS traffic or for MITM.

The System store contains the certificates of trusted CAs, which come preinstalled by the device manufacturers and are pretty much the same on all devices, because the number of trusted CAs on the internet is limited.

What is the need to install certificates in the System trust store?

When testing or performing security analysis of Android apps with a proxy tool such as Burp, ZAP, mitmproxy, etc., all apps by default do not trust the User trust store unless that is explicitly stated in the app's network security configuration.
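To see what "explicitly stated" looks like in practice, here is an added example (not code from the original post) that reads an app's network security configuration and reports which scopes trust the User store. The sample XML and the function names are constructed for illustration, and the `default` parameter encodes the system-only default described above as an assumption.

```python
import xml.etree.ElementTree as ET

# Constructed sample config (not from the post): one domain and debug builds trust user CAs.
SAMPLE = """<network-security-config>
  <base-config>
    <trust-anchors><certificates src="system" /></trust-anchors>
  </base-config>
  <domain-config>
    <domain includeSubdomains="true">staging.example.com</domain>
    <trust-anchors>
      <certificates src="system" />
      <certificates src="user" />
    </trust-anchors>
  </domain-config>
  <debug-overrides>
    <trust-anchors><certificates src="user" /></trust-anchors>
  </debug-overrides>
</network-security-config>"""

def anchors(node, inherited):
    """Certificate sources a scope trusts; inherits from the parent if unset."""
    ta = node.find("trust-anchors") if node is not None else None
    if ta is None:
        return set(inherited)
    return {c.get("src") for c in ta.findall("certificates")}

def audit(xml_text, default=("system",)):
    """Map each scope of the config to whether it trusts the User store.
    `default` is an assumption: the system-only default the post describes."""
    root = ET.fromstring(xml_text)
    report = {}
    base_src = anchors(root.find("base-config"), default)
    report["base-config"] = "user" in base_src
    def walk(node, parent_src):
        src = anchors(node, parent_src)
        for d in node.findall("domain"):
            report[d.text.strip()] = "user" in src
        for child in node.findall("domain-config"):  # nested configs inherit
            walk(child, src)
    for dc in root.findall("domain-config"):
        walk(dc, base_src)
    # debug-overrides only takes effect when the app is built debuggable
    report["debug-overrides"] = "user" in anchors(root.find("debug-overrides"), ())
    return report

if __name__ == "__main__":
    for scope, trusts_user in audit(SAMPLE).items():
        print(f"{scope:24} trusts user CAs: {trusts_user}")
```

Any scope reported as `False` will reject a proxy CA that is installed only in the User store, which is why the certificate has to go into the System store for those apps.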
