Xiaomi smartphone security certificates are digital passports that authenticate websites, apps, and networks, and are required for secure Wi-Fi connectivity, banking applications, or corporate VPNs. However, over time, unnecessary or outdated certificates accumulate that can slow down the system, cause connection errors, or even create vulnerabilities for hacker attacks, such as if you once connected to public Wi-Fi in a cafe and agreed to install their certificate, it could stay on the system and now interfere with work.
In this article, you will find step-by-step instructions for removing all types of certificates on Xiaomi, Redmi and POCO phones (including models on MIUI 12/13/14 and HyperOS). We will discuss how user (manually installed) and system (embedded) certificates differ, why some of them can not be removed without root rights, and what to do if banking applications stop working after cleaning.
Types of certificates on Xiaomi: which can be removed and which can not
On Xiaomi smartphones, certificates are divided into three main categories, and their โremovabilityโ depends on the level of access:
- ๐น User Certificates: You have manually installed (for example, to work with the user). VPN They can be deleted without consequences through standard settings.
- ๐ System Certificates: Built into the firmware MIUI/HyperOS They are responsible for authenticating system processes, and they can only be deleted with root rights (which voids the warranty).
- ๐ก๏ธ Update certificates: used to verify the digital signature of firmware, their removal may result in inability to install OTA-update.
Wi-Fi certificates (e.g., 802.1X networks) are stored separately and removed via wireless network settings, and it is important that if you delete the certificate of the network you are connecting to at work or university, you may need to reconfigure the access from the administrator.
| Type of certificate | Can I remove it without root? | Risks of removal | Where it's stored |
|---|---|---|---|
| User-generated (VPN, mail) | โ Yes. | Loss of access to the services for which it was installed | Settings โ Passwords and Security โ Deletion of Certificates |
| System (Google, MIUI) | โ No (root required) | System malfunction, application errors | /system/etc/security/cacerts/ |
| Wi-Fi (802.1X) | โ Yes. | Inability to connect to a secure network | Settings โ Wi-Fi โ [Network] โ Delete the certificate |
| Updates (OTA) | โ No. | Errors in installing firmware | /system/etc/security/otacerts.zip |
โ ๏ธ Note: If you see a name on the list of certificates, DST Root CA X3 Let's Encrypt Authority X3 โ These are outdated root certificates that can cause errors when connecting to some sites, and they can be deleted because they have been replaced with new versions.
How to remove user certificates on Xiaomi (without root)
This is the safest way, which is suitable for 90% of users, and the instructions are relevant for all Xiaomi, Redmi and POCO models on MIUI 12/13/14 and HyperOS:
- Open Settings and go to Passwords and Security (on some firmwares it may be called Additional โ Privacy).
- Select Removal of Certificates (or Account Storage โ User Certificates).
- Enter the password/graphic screen unlock key (if requested).
- You'll see a list of certificates you've installed, click on the one you want, and you'll confirm that you've deleted it.
If the Delete Certificates item is not on the menu, try an alternative path:
Settings โ Applications โ Application Management โ Triplets (โฎ) โ Special Access โ Certificate InstallationHere you will see a list of applications that have installed certificates (such as OpenVPN or FortiClient).Click on the application and select Remove certificates.
Make a backup copy of important data|Remember the names of the certificates to be deleted (in case of restoration)|Check if they are used in banking applications|Restart the phone after removal-->
โ ๏ธ Note: If applications (e.g. Sberbank Online or Tinkoff) have stopped working after the certificate is deleted, try reinstalling them.Bank applications are often tied to specific security certificates.
Removal of Wi-Fi Certificates (802.1X)
Certificates for secure Wi-Fi networks (e.g., universities or offices) are removed separately, and cannot be seen in the general certificate list because they are linked to a specific access point:
- Go to Settings. โ Wi-Fi.
- Click on the name of the network for which you want to delete the certificate and hold your finger for 2 seconds.
- In the menu that appears, select Change Network (or Delete if you want to completely erase settings).
- Scroll down to Certificates (or Security โ Certificate CA) and click Delete.
If the network is not on the list, but you remember its name, try:
Settings โ Passwords and security โ Storage credentials โ Wi-Fi certificatesThis is where all certificates related to wireless networks are stored, and the removal will not affect other types of certificates.
What to do if the Wi-Fi certificate is not deleted?
How to remove system certificates (for experienced users only)
System certificates are deleted only with root rights or through ADB. This is a risky operation, as it can lead to:
- ๐จ Application errors (e.g. Google Play Services) will stop working).
- ๐ Impossibility of updating MIUI (If you delete the signature certificates of firmware).
- ๐ Blocking certain features (such as Mi Pay or Face Unlock).
If you decide to delete the system certificate, follow the instructions:
- Get root access (for example, through Magisk).
- Install a file manager with root support (such as Root Explorer or FX File Explorer).
- Go to /system/etc/security/cacerts/.
- Find the certificate file (usually with the.0 or.crt extension) and delete it.
- Reboot the phone.
To remove via ADB (no root, but with unlocked bootloader):
adb shell
su
mount -o rw,remount /system
rm /system/etc/security/cacerts/[name certificate].0
mount -o ro,remount /system
rebootโ ๏ธ Attention: Deleting system certificates can cause bootloop if you delete the critical file.Be sure to back up the partition before the operation /system through TWRP.
Errors in the removal of certificates and their solutions
Even if you follow the instructions correctly, you can have problems, and here are the most common mistakes and ways to correct them:
| Mistake. | Reason. | Decision |
|---|---|---|
| Failed to remove the certificate | The certificate is protected by device policies (e.g. on the work phone) | Contact the administrator or reset the security settings (Settings โ System โ Reset โ Reset security settings) |
| After removal, the banking application does not work | The application is linked to a specific certificate (e.g. GlobalSign Root CA) | Reinstall the app or restore the certificate from the backup |
| Wi-Fi is connected, but the internet is not working. | Deleted network authentication certificate (e.g. eduroam) | Reconfigure the network connection (a new certificate from the administrator may be required) |
| Certificate verification error when updating MIUI | Firmware signature certificate (otacerts.zip) removed | Restore the certificate from stock firmware or stitch your phone through Fastboot |
If the phone starts to brake or overheat after the certificates are removed, it may be because the system is constantly trying to verify the authenticity of the deleted certificates.
- Restart your phone in Safe Mode (press the power button โ Safe Mode).
- If the problem has disappeared, the third-party app is to blame.
- If the problem remains, reset settings (Settings โ System โ Reset โ Reset all settings).
๐ก
If you deleted the certificate by mistake, try restoring it from a MIUI backup. Go to Settings โ About Phone โ Backup and Reset โ Restore data and select the backup made before deleting.
How to check which certificates are installed on Xiaomi
Before you delete it, itโs helpful to know which certificates are actually installed on your phone.
- ๐ Through settings MIUI: Settings โ Passwords and security โ Accounting repository โ User certificates.
- ๐ฑ Download it from Google Play โ it will show all certificates, including system (but you will not be able to remove system ones without root).
- ๐ป Through ADB: Connect your phone to your PC and execute the command: adb shell pm list packages -f | grep -i cert This will display a list of packages associated with certificates.
For advanced users: To see the full list of system certificates, including hidden ones, use the command:
adb shell ls -la /system/etc/security/cacerts/This will show all the files in the certificate folder. The.0 file extension is the certificate in binary format. To read the contents, copy the file to your PC and open it through OpenSSL:
openssl x509 -inform DER -in [name file].0 -textWhat to do if the certificates appear again after deletion
Sometimes deleted certificates are automatically restored, and this happens for two reasons:
- The app re-installes the certificate, for example, VPN-Customers (such as OpenVPN or NordVPN) or enterprise applications (such as Microsoft Intune) can restore their certificates the next time they run. โ ๏ธ Note: If you see a certificate called PortSwigger CA It reappears, which means that your phone has a security testing app (like Burp Suite) installed.
- The certificate is synced through a Xiaomi/Google account. If you have previously backed up certificates to the cloud, they can be restored when synced. To disable this: Settings โ Accounts โ [Your account] โ Sync โ Disable Certificates
If the certificate is returned, try:
- ๐ Remove the application that installs it (check in Settings) โ Annexes โ Application management โ Installation of certificates).
- ๐ซ Block the installation of certificates through ADB: adb shell pm disable-user --user 0 com.android.credentialmanager (To return back, use enable-user instead of disable-user.)
- ๐ง Perform a reset of security settings: Settings โ System system โ Reset โ Resetting security settings
๐ก
If the certificate reappears, itโs a sign that itโs critical to the operation of an app or service, in which case itโs best to leave it to avoid problems with the functionality of the phone.