Owners of Xiaomi, Redmi and Poco smartphones often face intrusive notifications of unreliable connections or blocking access to certain resources, the reason is due to system certificates that are preinstalled in the factory or added by third-party applications. These digital keys allow the device to trust certain networks and sites, but sometimes become a tool for surveillance or cause failures.
Removing the CC certificate is not just a memory cleaner, it is an important step to ensure your digital hygiene. In the Android operating system, which runs MIUI and HyperOS, managing these keys requires special attention, as an error can lead to the failure of banking applications or corporate profiles.
In this article, we will look in detail at where to find hidden security settings, how to distinguish a system certificate from a user certificate, and whether to interfere with the operation of the credential store at all, you will learn what risks cleanup entails and how to return everything back if necessary.
What are CC certificates and why they are needed in MIUI
A certificate from a Certificate Authority (CS) is a digital document that confirms the authenticity of a site, application or device. When your Xiaomi smartphone connects to Wi-Fi or opens a page in your browser, it checks the trust chain. If the site certificate is signed by a trusted CS, the connection is established. If not, you see a warning.
In the firmware MIUI And HyperOS is a division of system and user certificates, the first built-in by the manufacturer and required for Google services, banking applications and system updates, the second installed by the user or applications for corporate mail, VPN-services or traffic interception (e.g. Charles or Proxy).
What are the dangers of corporate certificates?
Having redundant or questionable certificates can lead to malicious users being able to infiltrate your encrypted connections, so regularly checking your trusted DS list is a basic element of cybersecurity in any modern gadget.
π‘
System certificates can not be removed - this will lead to a breakage of the OS. You can only work with user keys.
Where to find a list of installed certificates on Xiaomi
Finding the right menu can be confusing, as the path to security settings may be slightly different in different versions of Android and Xiaomi shells. However, the logic remains unchanged: all cryptographic keys are stored in a special storage.
To get to the desired section, you need to open Settings and search for settings by typed in the phrase "certificate" or "security." If the search does not yield results, follow the classic path through the system settings menu.
The path is usually as follows: Settings β Passwords & Security β Privacy β Trusted credentials. In some versions of HyperOS, this item may be in the Advanced Settings or Special Features section.
| System version | The path to the menu | Features |
|---|---|---|
| MIUI 12-13 | Settings β Passwords and Security β Privacy | Classical path, search available |
| MIUI 14 | Settings β Additional settings β Privacy | Menu regrouped |
| HyperOS | Settings β Passwords and Security β Privacy | New interface, strict rights |
| Android 13+ | Settings β Security β Encryption and credentials | Depends on the skin of the manufacturer |
It's important to understand that just opening a list isn't enough, and the system may require you to enter a screen unlock pin or fingerprint to confirm access to this critical data.
Difference Between System and User Certificates
Before you click the delete button, you need to be clear about what type of key you are dealing with, and a choice error can cause your bank apps, email clients, or even the Google Play store to stop working.
System certificates are in the Systems or Systems section, and they're protected from deletion by conventional methods and require root rights to modify, and on this list are keys to Google, Microsoft, Apple and other major players, and it's strongly discouraged from touching them.
π‘
If you're not sure the origin of the certificate, you'd better skip deleting it, and it's more likely to be system-critical than it's a virus.
User certificates are placed in a separate tab, and that's where the keys you manually set up, or the apps you use to set up a VPN, Microsoft Exchange, or debug traffic, are located, and these are the ones that are safe and often needed to be removed.
Visually, they often differ by expiration date or publisher name. If you see a certificate with the name of an unknown company or a date that coincides with the installation of a suspicious application, this is a candidate for removal.
Step-by-step: how to remove the certificate of the CS
The process of deleting is simple, but it requires care. Make sure you're in the user certificate section. If you're trying to remove a key from a system partition without root permissions, the system just won't let you do it.
Choose the certificate you want from the list. Click on it to see details: name, expiration date and purpose. If you are sure that this key is no longer needed (for example, you quit your company or deleted it). VPN-Customers, move to action.
βοΈ Algorithm for deleting the certificate
Click Delete or Clear credentials. The system will request proof of your identity through a biometric or pattern lock, and once confirmed, the certificate will be permanently removed from the vault.
In some cases, especially on older versions of MIUI, it may be necessary to reboot the device so that the changes take effect and applications stop linking to the remote key.
Problems with corporate profiles and administrators
Often, users cannot delete the certificate because it is linked to the active profile of the device administrator, which is typical for work phones or devices that are installed on specific devices. MDM-Agents (mobile device management systems).
In this situation, the delete button will be inactive or hidden. You will need to first delete the administrator profile itself. The path to it: Settings β Passwords and security β Privacy β Special Access Rights β Device administrators.
β οΈ Attention: Deleting your corporate profile can erase all work data, email and contacts synchronized through this profile.
Once the administrator's rights are disabled, the CA certificate will be available for removal in the standard way, and if the profile is not deleted, it may be that the device is under tight control. IT-department, and bypass this restriction without resetting to factory settings will not work.
Sometimes cleaning up the Settings or Google Play Services data helps, but this is a temporary solution that could disrupt other services.
What to do if the Internet stops working after removal
There are situations when the removal of the βunnecessaryβ certificate leads to unexpected consequences: stop opening sites, fly out applications or lose access to corporate Wi-Fi, which means that an important trust key has been removed.
The first thing you need to do is check the date and time on the device. The wrong system date often causes errors. SSL-Set up automatic time synchronization over the network.
If the problem is in a particular application (such as a bank), try clearing its cache and data. The application will need to re-establish a secure connection and possibly request a new certificate.
As a last resort, if you delete something extra and donβt remember what, a complete reset of network settings or even Factory Reset will help. However, you should try to restore the deleted certificate before you have a backup copy of it or an installation file (.cer,.p12).
β οΈ Note: If you have removed the system certificate (requiring root), recovery is possible only by flashing the device or returning the factory image of the system.