How can I possibly install my S/MIME certificates into android?

I’m running SailfishOS 4 (Koli) on an Xperia XA2.

I like sending e-mails only with an S/MIME digital signature and that way also being able to encrypt the message if needed. I stopped using the sailfish email client some time ago because it is unable to handle digital signatures/encryption using S/MIME certificates.

I tried the android apps “Nine mail&calendar”, “FailEmail” and “R2Mail2”. I’d really love to switch to FairEmail, because it seems like a nice app for that purpose but (unlike R2Mail2) it requires S/MIME certificates to be installed in androids credential storage. This apparently fails on aliendalvik because android requires a “secure lock screen”. The error message is “Attention Before you can use credential storage, your device needs to have a secure lock screen” offering me to do so at “Choose screen lock”.
Now, last time I tried to set a screen PIN to convince android there is a secure lock screen, I locked my self out of android support on my phone (that was on Oulanka I believe) since it wasn’t possible in aliendalvik to enter the screen pin ever again :crazy_face:

Here comes my question: Does anyone know a trick to make android allow me to import my certificates into the credential storage? I use the android settings “Security & location”->“Encryption & credentials”->“Install from SD card” ? But it keeps prompting me to set a screen lock first.

1 Like

I have a similar requirement. I use a proxy server to access the internet from my home network. This proxy server requires a certificate. I installed this certificate in my Xperia XA2 Plus (Dual SIM) phone in native Sailfish OS (4.3.0.12) and native browser works well. I wanted to try Firefox for Android. I realized that the certificate I installed for native Sailfish OS seems not to be used by Firefox. I installed the certificate via Android the same way you described and the installation of the certificate seemed to work well (without the lock screen issue). I now see the certificate under the tab User (in my German UI “Nutzer” in the android setting screen. Unfortunately Firefox seems not to make use of this certificate.

Firefox uses its own certificate storage, but according to this, there is a workaround:
https://support.mozilla.org/en-US/questions/1304237