How to securely remove the certificate of the Certificate Authority (CC) on Xiaomi: all ways

Removing certificates from the Certification Authority (CA) on Xiaomi smartphones is a challenge that users face when setting up enterprise devices, experimenting with VPNs, or alerting users of unreliable connections, which can interfere with applications, block access to certain sites, or even create security vulnerabilities. However, removing them on MIUI is nuanced: the system often hides system certificates, and improper actions can lead to malfunctions in the phone.

In this article, we will discuss all the current ways to remove CS certificates on Xiaomi, Redmi and POCO devices (including models on MIUI 12-14 and HyperOS), explain which certificates can be deleted without risk and which should not be touched, and find solutions to common errors (for example, when the delete button is inactive) and tips for restoring the system if something goes wrong.

What are CC certificates and why should they be removed

Certification Authority (CS) certificates are digital signatures that authenticate websites, applications and networks, and they fall into two categories:

  • πŸ”’ Trusted root certificates are pre-installed in the system (e.g. GlobalSign, DigiCert) and are not recommended to be removed because it may disrupt the work of the system. HTTPS-compound.
  • ⚠️ User certificates – are manually installed (for example, for corporate certificates) VPN, Test applications or after experiments with ADB). Removal of these is usually safe.

Reasons for deletion:

  • 🚫 Browser warnings about β€œunreliable connection” on secure sites (e.g, NET::ERR_CERT_AUTHORITY_INVALID).
  • πŸ”„ Conflicts with VPN Corporate policies (for example, after a change of employment).
  • πŸ›‘οΈ Suspicions of installing malicious certificates (for example, after using pirated applications).

⚠️ Note: Removal of system certificates (e.g. Android) CA Store) may cause Wi-Fi connection to be impossible with certificate authorization or banking app malfunctions.Be sure to check the certificate name in the list before deleting it.

If you are not sure which certificate is causing the problem, use the exclusion method: temporarily disable suspicious certificates (there is an option to β€œdisable” in the settings) and check if the error has disappeared.

πŸ“Š Why you are removing certificates on Xiaomi?
Correction of HTTPS errors
I remove corporate certificates after work
I suspect a malicious certificate.
Experimenting with the system
Other

How to check the list of installed certificates on Xiaomi

Before you delete certificates, you have to find them in the system, and in MIUI, the way to get them depends on the firmware version:

For MIUI 12-14 and HyperOS:

  1. Open the Settings. β†’ Passwords and security.
  2. Go to Additional β†’ Certificate Management (on some models, the item may be called the Account Data Warehouse).
  3. Select the User Certificates tab (if any) and display all manually installed certificates.

For older versions (MIUI 11 and below):

  • πŸ“± Settings β†’ System and device β†’ Additionally. β†’ Security β†’ Accounting repository.

If there are no user certificates, then:

  • βœ… There are no manually installed certificates (only system-based certificates).
  • ❌ Your version. MIUI This section is hidden (the decision to use it) ADB, see next section).
What do dangerous certificates look like?
Dangerous certificates often have non-standard names (for example, "FiddlerRoot", "Charles Proxy", "UserTrust RSA"), are not signed by known CS (check the field "Issued") or installed without your knowledge. If the certificate has an expiration date in 10+ years or issued by an unknown organization, this is a reason to be wary.
Type of certificateCan I remove it?Effects of removal
User-generated (manually installed)βœ… Yes.Some VPNs, enterprise applications, or test services may stop working.
Systemic (pre-installed)❌ No.HTTPS malfunction, Wi-Fi problems (if the certificate is used for authentication).
Application certificates (for example, for banks)⚠️ Only if you're sure.The app may stop opening or show security errors.
VPN certificates (such as OpenVPN)βœ… Yes.VPN-The connection will not be established until the certificate is re-installed.

Method 1: Remove certificates via MIUI settings (without root)

This is the simplest method, but it only works for user certificates (manually installed), which cannot be removed.

Instructions:

  1. Open Settings β†’ Passwords and Security β†’ Certificate Management.
  2. Go to the User Certificates tab (if not, see the ADB method).
  3. Click on the certificate you want to remove.
  4. In the window that opens, select Delete (or Disable if you want to temporarily deactivate).
  5. Confirm the action with a password / pattern lock.

⚠️ Note: If the Remove button is inactive (grey), it means that the certificate is protected by the system. ADB or-reset.

Once deleted, restart the device and check if the problem has gone away. If HTTPS errors persist, it may be that the certificate was installed in the system instead of the user's storage (see next section).

β˜‘οΈ Preparation for the removal of certificates

Done: 0 / 4

Method 2: Delete via ADB (for hidden certificates)

If the certificate doesn’t show up in the settings or the delete button is blocked, you can use Android Debug Bridge (ADB).This method requires connecting the phone to your computer, but does not require root rights.

What you need:

  • πŸ–₯️ Computer with installed ADB Tools.
  • πŸ“± Included debugging by USB on Xiaomi (Settings) β†’ The phone. β†’ Version. MIUI β†’ 7 times press to unlock the developer mode, then Settings β†’ Additionally. β†’ For developers β†’ Debugging by USB).
  • πŸ”Œ USB-cable (preferably original).

Steps:

  1. Connect the phone to the computer and confirm the debugging permission on the smartphone screen.
  2. Open the command prompt (Windows) or terminal (macOS/Linux) in the folder with ADB.
  3. Enter the command to view the certificate list: adb shell pm list packages -f | grep -i cert Or to view all user certificates: adb shell ls /data/misc/user/0/cacerts-added/
  4. Remove the certificate by the command (replace the name certificate.0 with the real name from the list): adb shell rm /data/misc/user/0/cacerts-added/certificate name.0
  5. Reboot the device: adb shell reboot

If rm fails (permission denied error), then the certificate is secure, and then only resetting or rooting will help.

πŸ’‘

If you are not sure about the name of the certificate, first copy the list to your computer with the command adb shell ls /data/misc/user/0/cacerts-added/ > certs.txt and examine the file certs.txt.

Method 3: Remove via TWRP (unlocked bootloader required)

If previous methods have failed and the certificate is critical to removal (for example, it interferes with the work of banking applications), you can use the custom TWRP recapver.

  • πŸ”“ Unlocked bootloader (bootloader).
  • πŸ“¦ Established TWRP Recovery.
  • πŸ“„ Backup of data (risk of loss of information!).

Instructions:

  1. Boot to TWRP (turn off the phone, then press Power + Volume up).
  2. Go to Advanced β†’ File Manager.
  3. Open the folder /data/misc/user/0/cacerts-added/.
  4. Delete certificate files (extension.0).
  5. Reset the device.

⚠️ Note: Delete files in TWRP It could crash the system if you delete something that's superfluous. /system or /vendor β€” This will lead to a "brick" of the device!

If the phone doesn’t boot after you delete, restore the backup via TWRP or reset your settings.

πŸ’‘

Use TWRP only as a last resort. For most users, ADB or reset methods are sufficient.

Method 4: Resetting settings (last option)

If the certificate cannot be deleted by other means, and it critically interferes with the device, it will be reset to factory settings, which will delete all user data, but return the system to its original state, including the certificate store.

How to reset:

  1. Create a backup of important data (photos, contacts, messages).
  2. Open Settings β†’ About the phone β†’ Reset settings.
  3. Select to erase all data (reset to factory).
  4. Enter the password from the Mi Account (if linked) and confirm the reset.

Once rebooted, the device will be like new, all user certificates (and others) will be deleted, but this method is radical: with the certificates, all applications, settings, and files will disappear.

If the reset did not help (for example, the certificate was pre-installed in the system partition by the manufacturer), only the flashing of the device through the Fastboot or Mi Flash Tool remains.

Frequent mistakes and their solutions

When deleting certificates, users often face problems, and here are the most common ways to solve them:

Mistake.Reason.Decision
Remove button is inactiveCertificate system or protected by device policiesUse ADB or TWRP (see above)
Permission denied error in ADBNot enough rights to delete the fileGet root or perform a reset settings
After removal, the sites / applications do not work.Removed the required system certificateRestore the certificate through reset or flashing
The certificate appears again after the rebootThe certificate is set by the application or device policyFind and uninstall the app that installs it (e.g. Device Policy)

If you deleted the certificate by mistake and need to restore it, try:

  • πŸ”„ Reinstall the application that used it (for example, VPN-client).
  • πŸ“₯ Download the certificate again (if it is a corporate certificate, ask the administrator for it).
  • πŸ”§ Reset settings (return system certificates).

FAQ: Frequent questions about removing certificates on Xiaomi

Can I delete the certificate without a computer?
Yes, if the certificate is user-generated and appears in MIUI settings. To do this: Go to Settings β†’ Passwords and Security β†’ Certificate Management. Select the User Certificates tab. Click on the certificate and select Delete. If the User Certificates tabs are not available or the button is inactive, you need an ADB.
Why did some websites stop opening after the certificate was deleted?
This means that you have deleted the certificate that was used to authenticate these sites. For example, if you delete the Let's Encrypt certificate, many sites on HTTPS will stop opening. Solution: Check which certificate you deleted (in your browser log or through ADB). Restore it through a reset or reinstallation. If it is a user certificate, try adding it back (file with the.crt or.pem extension).
How to delete the certificate if the phone does not turn on after experiments?
If the device has stuck on the logo or gone to the bootloop after deleting the certificates, try: Hard reset: Press Power + Volume up for 10-15 seconds to force the device to turn off. Boot in Safe Mode: When turned on, press Volume down until "Safe Mode" appears. In this mode, remove problematic applications. Fastboot Fastboot: Download the official firmware for your model from Xiaomi and stream through the Mi Flash Tool. If nothing works, contact the service center - possibly a damaged system section.
Can I delete my Xiaomi certificates without losing my data?
Yes, if you use it. ADB or manual removal through TWRP. However: πŸ”Ή Removal through settings MIUI securely and does not affect user data. πŸ”Ή ADB It also does not delete user files, but requires caution (do not delete files outside the cacerts-added folder). πŸ”Ή Resetting or flashing will delete all data.We recommend that you back up through Settings before any manipulation. β†’ System and device β†’ Backup.
How to check if my Xiaomi has a malicious certificate?
Signs of a malicious certificate: πŸ” Unknown certificates in the list (for example, with the names FakeCA, ProxyCA). 🚨 Antivirus warnings about suspicious connections. πŸ”„ Unexpected browser redirects to strange sites.How to check: Export the certificate through Settings β†’ Certificate Management (click on the certificate) β†’ Export it. Upload the file to the website. crt.sh Or VirusTotal to check. Use apps like NetGuard or PCAPdroid to monitor network traffic.