A quick Android security testing tip from our colleagues John Kozyrakis and Doug Logan…
Up to Android 2.3 adding trusted CA certs to the keystore required either a rooted phone and manual editing of the java keystore or an OTA update.
After 2.3 Android added that GUI in the Settings app, making possible for non-rooted phones to install new certs.
Some other options for easily inserting a new trusted system cert into the Android emulator:
1) mount an sdcard on the emulator. Just use ‘mksdcard 50M’ and start the emulator with -sdcard [or hardcode it in its config file].
2) upload the cert somewhere, browse to it, download, install. http://www.realmb.com/droidCert/
3) use a third party app like otertool