Removing certificates from the Certification Authority (CA) on Xiaomi smartphones is a challenge that users face when setting up enterprise devices, experimenting with VPNs, or alerting users of unreliable connections, which can interfere with applications, block access to certain sites, or even create security vulnerabilities. However, removing them on MIUI is nuanced: the system often hides system certificates, and improper actions can lead to malfunctions in the phone.
In this article, we will discuss all the current ways to remove CS certificates on Xiaomi, Redmi and POCO devices (including models on MIUI 12-14 and HyperOS), explain which certificates can be deleted without risk and which should not be touched, and find solutions to common errors (for example, when the delete button is inactive) and tips for restoring the system if something goes wrong.
What are CC certificates and why should they be removed
Certification Authority (CS) certificates are digital signatures that authenticate websites, applications and networks, and they fall into two categories:
- π Trusted root certificates are pre-installed in the system (e.g. GlobalSign, DigiCert) and are not recommended to be removed because it may disrupt the work of the system. HTTPS-compound.
- β οΈ User certificates β are manually installed (for example, for corporate certificates) VPN, Test applications or after experiments with ADB). Removal of these is usually safe.
Reasons for deletion:
- π« Browser warnings about βunreliable connectionβ on secure sites (e.g, NET::ERR_CERT_AUTHORITY_INVALID).
- π Conflicts with VPN Corporate policies (for example, after a change of employment).
- π‘οΈ Suspicions of installing malicious certificates (for example, after using pirated applications).
β οΈ Note: Removal of system certificates (e.g. Android) CA Store) may cause Wi-Fi connection to be impossible with certificate authorization or banking app malfunctions.Be sure to check the certificate name in the list before deleting it.
If you are not sure which certificate is causing the problem, use the exclusion method: temporarily disable suspicious certificates (there is an option to βdisableβ in the settings) and check if the error has disappeared.
How to check the list of installed certificates on Xiaomi
Before you delete certificates, you have to find them in the system, and in MIUI, the way to get them depends on the firmware version:
For MIUI 12-14 and HyperOS:
- Open the Settings. β Passwords and security.
- Go to Additional β Certificate Management (on some models, the item may be called the Account Data Warehouse).
- Select the User Certificates tab (if any) and display all manually installed certificates.
For older versions (MIUI 11 and below):
- π± Settings β System and device β Additionally. β Security β Accounting repository.
If there are no user certificates, then:
- β There are no manually installed certificates (only system-based certificates).
- β Your version. MIUI This section is hidden (the decision to use it) ADB, see next section).
What do dangerous certificates look like?
| Type of certificate | Can I remove it? | Effects of removal |
|---|---|---|
| User-generated (manually installed) | β Yes. | Some VPNs, enterprise applications, or test services may stop working. |
| Systemic (pre-installed) | β No. | HTTPS malfunction, Wi-Fi problems (if the certificate is used for authentication). |
| Application certificates (for example, for banks) | β οΈ Only if you're sure. | The app may stop opening or show security errors. |
| VPN certificates (such as OpenVPN) | β Yes. | VPN-The connection will not be established until the certificate is re-installed. |
Method 1: Remove certificates via MIUI settings (without root)
This is the simplest method, but it only works for user certificates (manually installed), which cannot be removed.
Instructions:
- Open Settings β Passwords and Security β Certificate Management.
- Go to the User Certificates tab (if not, see the ADB method).
- Click on the certificate you want to remove.
- In the window that opens, select Delete (or Disable if you want to temporarily deactivate).
- Confirm the action with a password / pattern lock.
β οΈ Note: If the Remove button is inactive (grey), it means that the certificate is protected by the system. ADB or-reset.
Once deleted, restart the device and check if the problem has gone away. If HTTPS errors persist, it may be that the certificate was installed in the system instead of the user's storage (see next section).
βοΈ Preparation for the removal of certificates
Method 2: Delete via ADB (for hidden certificates)
If the certificate doesnβt show up in the settings or the delete button is blocked, you can use Android Debug Bridge (ADB).This method requires connecting the phone to your computer, but does not require root rights.
What you need:
- π₯οΈ Computer with installed ADB Tools.
- π± Included debugging by USB on Xiaomi (Settings) β The phone. β Version. MIUI β 7 times press to unlock the developer mode, then Settings β Additionally. β For developers β Debugging by USB).
- π USB-cable (preferably original).
Steps:
- Connect the phone to the computer and confirm the debugging permission on the smartphone screen.
- Open the command prompt (Windows) or terminal (macOS/Linux) in the folder with ADB.
- Enter the command to view the certificate list: adb shell pm list packages -f | grep -i cert Or to view all user certificates: adb shell ls /data/misc/user/0/cacerts-added/
- Remove the certificate by the command (replace the name certificate.0 with the real name from the list): adb shell rm /data/misc/user/0/cacerts-added/certificate name.0
- Reboot the device: adb shell reboot
If rm fails (permission denied error), then the certificate is secure, and then only resetting or rooting will help.
π‘
If you are not sure about the name of the certificate, first copy the list to your computer with the command adb shell ls /data/misc/user/0/cacerts-added/ > certs.txt and examine the file certs.txt.
Method 3: Remove via TWRP (unlocked bootloader required)
If previous methods have failed and the certificate is critical to removal (for example, it interferes with the work of banking applications), you can use the custom TWRP recapver.
- π Unlocked bootloader (bootloader).
- π¦ Established TWRP Recovery.
- π Backup of data (risk of loss of information!).
Instructions:
- Boot to TWRP (turn off the phone, then press Power + Volume up).
- Go to Advanced β File Manager.
- Open the folder /data/misc/user/0/cacerts-added/.
- Delete certificate files (extension.0).
- Reset the device.
β οΈ Note: Delete files in TWRP It could crash the system if you delete something that's superfluous. /system or /vendor β This will lead to a "brick" of the device!
If the phone doesnβt boot after you delete, restore the backup via TWRP or reset your settings.
π‘
Use TWRP only as a last resort. For most users, ADB or reset methods are sufficient.
Method 4: Resetting settings (last option)
If the certificate cannot be deleted by other means, and it critically interferes with the device, it will be reset to factory settings, which will delete all user data, but return the system to its original state, including the certificate store.
How to reset:
- Create a backup of important data (photos, contacts, messages).
- Open Settings β About the phone β Reset settings.
- Select to erase all data (reset to factory).
- Enter the password from the Mi Account (if linked) and confirm the reset.
Once rebooted, the device will be like new, all user certificates (and others) will be deleted, but this method is radical: with the certificates, all applications, settings, and files will disappear.
If the reset did not help (for example, the certificate was pre-installed in the system partition by the manufacturer), only the flashing of the device through the Fastboot or Mi Flash Tool remains.
Frequent mistakes and their solutions
When deleting certificates, users often face problems, and here are the most common ways to solve them:
| Mistake. | Reason. | Decision |
|---|---|---|
| Remove button is inactive | Certificate system or protected by device policies | Use ADB or TWRP (see above) |
| Permission denied error in ADB | Not enough rights to delete the file | Get root or perform a reset settings |
| After removal, the sites / applications do not work. | Removed the required system certificate | Restore the certificate through reset or flashing |
| The certificate appears again after the reboot | The certificate is set by the application or device policy | Find and uninstall the app that installs it (e.g. Device Policy) |
If you deleted the certificate by mistake and need to restore it, try:
- π Reinstall the application that used it (for example, VPN-client).
- π₯ Download the certificate again (if it is a corporate certificate, ask the administrator for it).
- π§ Reset settings (return system certificates).