Android has a problem that only rears its ugly head once in a blue moon, but when it does, it causes some panic. Fortunately, Google has a solution in Android 14 that nips this problem in the bud. The problem is that, for most of Android’s existence, the system’s root certificate store (root store) could only be updated via an over-the-air (OTA) update. While OEMs and carriers have gotten better at pushing out updates more quickly and frequently, things could still be better. That’s why Google has devised a way to make Android’s root store updatable via Google Play, starting in Android 14.
When you go online every day, you trust that your device’s software resolves the names of the websites you want to visit to the right servers. Reaching the right server matters so you don’t end up talking to a machine owned by someone with bad intentions, but establishing that connection securely matters too, so that whatever you send is encrypted in transit (TLS) and can’t be read or tampered with along the way. Your OS, web browser, and apps will only establish a secure connection (HTTPS) with a server, though, if they trust the TLS certificate that server presents.
Since there are so, so many websites on the Internet, though, OSes, web browsers, and apps don’t maintain a list of every site’s certificate that they trust. Instead, they look at who signed the certificate the site presents: a certificate that is merely self-signed vouches for nothing, so it has to be signed by another entity (a certificate authority [CA]) they trust. That CA’s own certificate may in turn be signed by another CA, and so on. This chain of validations can be several layers deep until you reach a root CA, whose self-signed certificate issued the intermediate certificate that eventually signed the certificate issued to the site you’re visiting.
The number of root CAs is much, much smaller than the number of websites with certificates issued under them, either directly or through one or more intermediate CAs, which makes it feasible for OSes and web browsers to maintain a list of root CA certificates they trust. Android, for example, ships its list of trusted root certificates in the OS’s read-only system partition at /system/etc/security/cacerts. Unless an app restricts which certificates it trusts, for example through certificate pinning, it defaults to the OS’s root store when deciding whether to trust a server’s certificate. Since the “system” partition is read-only, Android’s root store is immutable outside of an OS update, which poses a problem whenever Google wants to add or remove a root certificate.
Sometimes, a root certificate is about to expire, which can break sites and services and make web browsers throw up warnings about insecure connections. In some cases, the CA that operates a root certificate is found to be compromised or is no longer trusted. Or a new root certificate appears that needs to be added to every major OS’s root store before the certificates the CA issues under it will actually be trusted. Android’s root store doesn’t need to be updated all that often, but it happens enough that Android’s relatively slow pace of updates becomes a problem.
Starting in Android 14, however, Android’s root store has become updatable via Google Play. Android 14 now has two directories containing the OS’s root store: the aforementioned /system/etc/security/cacerts location, still immutable outside of an OTA, and the new, updatable /apex/com.[google].android.conscrypt/security/cacerts directory. The latter lives inside the Conscrypt module, a Project Mainline module introduced in Android 10 that provides Android’s TLS implementation. Because the Conscrypt module is delivered through Google Play System Updates, the root store that ships inside it can be updated the same way, without waiting for an OTA.
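One check a practitioner will want, given the two directories above and the default-trust behaviour described earlier: list both stores on a device and see how far the module’s copy has diverged from the system image’s copy. The script below is an added example written for this page, not tooling from the article or from Android itself. It assumes only what the article states (the two directory paths, tried with and without the bracketed “google” segment) plus the fact that Android names each trust-anchor file after an OpenSSL-style subject hash, e.g. 5ed36f99.0, so a filename identifies the same root in both stores. It runs in the device shell via adb, or off-device against two directories you have pulled with adb pull (set SYSTEM_STORE and APEX_STORE to the local copies; that is also where openssl is usually available to print subject names).

```shell
#!/bin/sh
# Added example (not from the article): compare Android's immutable system
# root store with the updatable one inside the Conscrypt APEX.
# Usage on a device:  adb push audit_roots.sh /data/local/tmp/ &&
#                     adb shell sh /data/local/tmp/audit_roots.sh
# Usage off-device:   SYSTEM_STORE=./sys APEX_STORE=./apex sh audit_roots.sh
# Android stores each trust anchor as <subject-hash>.<n>, so comparing
# filenames is enough to tell which roots differ between the two stores.

SYSTEM_STORE="${SYSTEM_STORE:-/system/etc/security/cacerts}"
# Candidate paths for the updatable store, taken from the article's
# /apex/com.[google].android.conscrypt/security/cacerts with and without
# the bracketed segment (assumption: whichever exists is the live one).
if [ -z "${APEX_STORE:-}" ]; then
    for d in /apex/com.google.android.conscrypt/security/cacerts \
             /apex/com.android.conscrypt/security/cacerts; do
        if [ -d "$d" ]; then APEX_STORE="$d"; break; fi
    done
fi

# Print the certificate filenames in a store, one per line, sorted.
# Returns 1 (and prints nothing) if the directory does not exist.
list_store() {
    [ -d "$1" ] || return 1
    for f in "$1"/*; do
        [ -f "$f" ] && printf '%s\n' "${f##*/}"
    done | sort
}

# Number of trust anchors in a store; 0 when the store is missing.
count_store() {
    list_store "$1" 2>/dev/null | wc -l | tr -d ' '
}

# Filenames present in store $1 but absent from store $2.
# Both listings go through one awk pass (no temp files, since /tmp does
# not exist on Android): names from $2 are tagged '-', names from $1 '+'.
only_in() {
    { list_store "$2" | sed 's/^/-/'; list_store "$1" | sed 's/^/+/'; } |
        awk '/^-/ { seen[substr($0, 2)] = 1; next }
             { name = substr($0, 2); if (!(name in seen)) print name }'
}

# Human-readable subject of one PEM file. Falls back to the filename when
# openssl is unavailable (the usual case on-device) or the file is not PEM.
describe_cert() {
    if command -v openssl >/dev/null 2>&1 &&
       subj=$(openssl x509 -in "$1" -noout -subject 2>/dev/null); then
        printf '%s  %s\n' "${1##*/}" "$subj"
    else
        printf '%s\n' "${1##*/}"
    fi
}

# Report anchor counts and the roots that exist in only one of the stores.
# Which store Conscrypt actually consults is decided by the module, not by
# this script; the diff only shows how the two copies have diverged.
report() {
    sys="$1"; apex="$2"
    printf 'system store %s: %s anchors\n' "$sys" "$(count_store "$sys")"
    printf 'apex store   %s: %s anchors\n' "$apex" "$(count_store "$apex")"
    printf '\nOnly in the APEX store (added since the system image was built):\n'
    for name in $(only_in "$apex" "$sys"); do describe_cert "$apex/$name"; done
    printf '\nOnly in the system store (dropped from the module copy):\n'
    for name in $(only_in "$sys" "$apex"); do describe_cert "$sys/$name"; done
}

if [ -d "$SYSTEM_STORE" ] && [ -n "${APEX_STORE:-}" ] && [ -d "$APEX_STORE" ]; then
    report "$SYSTEM_STORE" "$APEX_STORE"
elif [ -d "$SYSTEM_STORE" ]; then
    printf 'system store found but no APEX store under /apex: pre-14 device or different path\n'
else
    printf 'no Android root store found; set SYSTEM_STORE and APEX_STORE to two cacerts directories\n'
fi
```

The diff is by filename only on purpose: the hash-named files are the identifiers Android itself uses, so a root that was re-issued under the same subject shows up as unchanged, while a newly trusted or withdrawn root appears in exactly one list. If you want the subject names on-device without openssl, pull both directories and run the script locally instead.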
Apart from making Android’s root store updatable, Android 14 also adds and removes some root certificates as part of Google’s annual update to the system root store.
The root certificates that have been added to Android 14 include:
- AC RAIZ FNMT-RCM SERVIDORES SEGUROS
- ANF Secure Server Root CA
- Autoridad de Certificacion Firmaprofesional CIF A62634068
- Certainly Root E1
- Certainly Root R1
- Certum EC-384 CA
- Certum Trusted Root CA
- D-TRUST BR Root CA 1 2020
- D-TRUST EV Root CA 1 2020
- DigiCert TLS ECC P384 Root G5
- DigiCert TLS RSA4096 Root G5
- GLOBALTRUST 2020
- GlobalSign Root E46
- GlobalSign Root R46
- HARICA TLS ECC Root CA 2021
- HARICA TLS RSA Root CA 2021
- HiPKI Root CA - G1
- ISRG Root X2
- Security Communication ECC RootCA1
- Security Communication RootCA3
- Telia Root CA v2
- Tugra Global Root CA ECC v3
- Tugra Global Root CA RSA v3
- TunTrust Root CA
- vTrus ECC Root CA
- vTrus Root CA
The root certificates that have been removed in Android 14 include:
- Chambers of Commerce Root - 2008
- Cybertrust Global Root
- DST Root CA X3
- EC-ACC
- GeoTrust Primary Certification Authority - G2
- Global Chambersign Root 2008
- GlobalSign
- Hellenic Academic and Research Institutions RootCA 2011
- Network Solutions Certificate Authority
- QuoVadis Root Certification Authority
- Sonera Class2 CA
- Staat der Nederlanden EV Root CA
- Staat der Nederlanden Root CA - G3
- TrustCor ECA-1
- TrustCor RootCert CA-1
- TrustCor RootCert CA-2
- Trustis FPS Root CA
- VeriSign Universal Root Certification Authority
For a more in-depth explanation of TLS certificates, you should read my colleague Adam Conway’s article here. For a more thorough analysis of how Android 14’s updatable root store works and why it came to be, check out the article I previously wrote on the subject.