HTTPS Filtering on Android 8.1

Discussion in 'Technical Support (AdGuard for Android)' started by Nzyme, Apr 17, 2019 at 12:53 PM.

  1. Nzyme

    Nzyme Active Member

    Joined:
    May 3, 2017
    Messages:
    1,073
    So I bought this new Android TV Box running Android 8.1 (Oreo) that is rooted and installed AG (latest nightly). I even configured the HTTPS filtering setting and installed the AG certificate. However, when I looked under 'Apps Management' > Any App > HTTPS filtering, I see that this setting is disabled for all the apps. Trying to enable this setting shows a warning about the app not trusting the certificate or something. Does that mean that AG is not filtering the HTTPS traffic for all these apps? How can I enable HTTPS filtering for all the apps (system & installed)?
     
  2. Boo Berry

    Boo Berry Moderator + Beta Tester Moderator

    Joined:
    May 30, 2012
    Messages:
    3,990
    Since you're rooted, you need to move AG's certificate to the system store for it to work correctly. What are you using for root, Magisk perhaps? If so, you can install the move certificates module in the Magisk Manager app. If using something else (e.g. SuperSU) you can find the Move Certs app and use that.
     
  3. Nzyme

    Nzyme Active Member

    Joined:
    May 3, 2017
    Messages:
    1,073
    The box came rooted and in fact there is a setting in Android system settings that will allow me to toggle the 'Root' on or off. I tried setting that switch to off (unrooted) and then tried to check the HTTPS filtering option under Apps Mgmt but it still shows the message. So the question really is:

    1. In which environment does AG work to it's full potential (rooted/unrooted)?
    2. In 'Filtering Method', should I be using Local VPN/Local HTTP Proxy considering that I am rooted?
    3. How can I move AG's certificate to the system store? I am not sure how was this rooted (SuperSU/Magisk). Is there a way to find out?

    Thanks!
     
  4. Boo Berry

    Boo Berry Moderator + Beta Tester Moderator

    Joined:
    May 30, 2012
    Messages:
    3,990
    1. Rooted, with the certificate moved to the system store. By default the certificate is installed in the user store, but lots of apps don't trust user certificates anymore.
    2. Doesn't really matter, but Local HTTP Proxy if you're going to use a VPN.
    3. AG itself has an option to move the certificate to the system store once rooted (and AG is granted root permissions). Settings > Network > HTTPS Filtering > Security Certificate and there it should give the option to move it to the system store. If it doesn't, try using the Move Certs app - I'd recommend getting it from the F-Droid app store since it isn't in the Play Store anymore.
     
  5. Nzyme

    Nzyme Active Member

    Joined:
    May 3, 2017
    Messages:
    1,073
    Ok, thanks. Let me try this
     
  6. Nzyme

    Nzyme Active Member

    Joined:
    May 3, 2017
    Messages:
    1,073
    works great. Thanks