Vavada - это онлайн-казино, предоставляющее широкий выбор азартных игр, включая слоты, рулетку, блэкджек и другие. Vavada привлекает игроков разнообразными бонусами и акциями.

In light of all the discussions about maintaining a secure posture on trusted certificates, we oftentimes forget about the little guys. In this case, I’m talking about our mobile devices. We tend to forget that these devices are just as vulnerable as our desktop/laptops. Unfortunately, it’s not always easy to manage the certificates on these devices. But if you own an Android device and would like to take a little more control over what your device is trusting, here’s how you can do it.

Remove a CA Cert from Android System
The bouncycastle library will be required, you can grab it here:
BouncyCastle Library

You’ll need the Android-SDK as well in order to utilize ADB. It can be found here if you don’t already have it:
Android SDK

  1. Move the jar into the $JAVA_HOME%\lib\ext folder. It’s most likely in a place like this:

    C:\Program Files (x86)\Java\jre6\lib\ext\


  2. Connect your USB cable to your phone and verify with adb that it is seen as attached. [%android-sdk% is the location of the Android SDK installed on your system]

    %android-sdk%\tools> adb devices


  3. You’ll need to grab the cacerts.bks file from your phone using adb:

    %android-sdk%\tools>adb pull /system/etc/security/
    cacerts.bks cacerts.bks


  4. Now let’s extract the cacerts.bks to a human readable format (there are other ways of reading bks files, but this is an easy route)

    %android-sdk%\tools>"%JAVA_HOME%\keytool.exe" -keystore
    cacerts.bks -storetype BKS -provider org.bouncycastle.jce
    .provider.BouncyCastleProvider -storepass changeit -v
    -list > calist.txt


  6. Open the newly created calist.txt file and search for the desired CA Cert ( DigiNotar CA in our case). You’ll want to identify the alias name number. You’ll use this to identify the certificate so that you can remove it with keytool.exe:

    Alias name: 61
    Creation date: Feb 8, 2011
    Entry type: trustedCertEntry
    Owner: C=NL,O=DigiNotar,CN=DigiNotar Root CA,
    Issuer: C=NL,O=DigiNotar,CN=DigiNotar Root CA,
    Serial number: c76da9c910c4e2c9efe15d058933c4c
    Valid from: Wed May 16 17:19:36 UTC 2007
    until: Mon Mar 31 18:19:21 UTC 2025
    Certificate fingerprints:
    MD5:  7A:79:54:4D:07:92:3B:5B:FF:41:F0:0E:C7:39:A2:98
    SHA1: C0:60:ED:44:CB:D8:81:BD:0E:F8:6C:0B:A2:87:DD:CF:81:67:47:8C
    Signature algorithm name: SHA1WithRSAEncryption
    Version: 3


    %android-sdk%\tools>"%JAVA_HOME%\bin\keytool.exe" -keystore
    cacerts.bks -storetype BKS -provider org.bouncycastle.jce.
    provider.BouncyCastleProvider -storepass changeit -v -delete
    -alias <alias name number>


    For example:

    %android-sdk%\tools>"%JAVA_HOME%\bin\keytool.exe" -keystore
    cacerts.bks -storetype BKS -provider org.bouncycastle.jce
    .provider.BouncyCastleProvider -storepass changeit -v
    -delete -alias 61


    You’ll probably want to repeat this process for the Comodo certificates as well if you’re really security minded (of course you are).

  8. Once you’ve removed the certificate you can push the cacerts.bks back to your phone for usage:

    %android-sdk%\tools>adb remount


    %android-sdk%\tools>adb push cacert.bks /system/etc/security/


  10. The final step will require you to reboot your phone so that Android can reload the cacerts.bks.
  11. Enjoy!


If you have root access and don’t feel like going through ADB and all the SDK installation, the GuardianProject has created an Android app (CACertMan) that is targeted at doing the above for you and letting you manage your certs yourself. You can check it out here. It is still in beta and isn’t 100% compatible yet, hence the manual instructions above.