Category Filter

How to Add Certificates for Android Devices

All the certificates that contain digital data can be used for various purposes such as VPN credentials, identity certificate for Wifi etc. Therefore, Hexnode MDM enables you to add certificates for Android devices.


This feature is available in all plans except Express plan.


The certificate won’t be installed if the device is not secured with a password. If the password is not set on the device and once the certificate policy has been associated, a prompt appears to set the password. The certificate can then be installed after setting a device password.

To Add Certificate


  • Certificates will be silently installed on Samsung Knox Devices.
  • In other devices, you will have to click on Click to Install to install the certificate.
  • Even if the certificate is installed, it will still show Click to Install.

  1. Login to your Hexnode MDM Portal.
  2. Go to Policies.
  3. Select an existing policy or create a new one by clicking on New Policy.
  4. From Android > Security, select Certificates and click on Configure.
  5. Click on Add Certificate and upload the credential certificate.

The certificate will have the following credentials.

  • Credential Name: This field becomes visible once the certificate has been uploaded. It will be filled already. However, you can change the name if required. This name is merely to identify the certificate.
  • Keystore: It specifies the purpose for which the certificate is used. It can take any of the following three options.
    1. Default: This allows the certificate to be used for any purpose within the device.
    2. WIFI: This allows the certificate to be used as identity certificate for WIFI.
    3. VPN and APPS: This allows the certificate to be used as VPN credentials.


    Keystore is valid only for silent installation of the certificates.

  • Credential details: It includes the details of the certificate such as Subject, Issuer and Expiry date.

  • Certificates with extensions .p12 and .cer will be installed silently.
  • For certificates with .p12 extensions, a password will also be available along with the certificate. This password must be provided along with the uploaded certificates.
  • If the password provided is correct, then silent installation takes place. However, if the password provided is incorrect, then you may have to manually install the certificate.

To Associate Policies to Devices / Groups

If the policy has not yet been saved.

  1. Navigate to Policy Targets.
  2. Click on +Add Devices.
  3. Select the devices and click OK.
  4. Click on Save to apply the policies to devices.

Apart from devices, you can also associate the policies to device groups, user and user groups from Policy Targets.

If the policy has been saved, you can associate it with another method.

  1. From Policies, check the policies to be associated.
  2. Click on Manage → Associate Targets and select the device.
  3. Click on Associate to apply policy to the devices.