The Unofficial Guide To Kaerutomo

by PicelBoi

Looking for the fan-operated Kaerutomo status page? Link

Go back to the guide

IdenTrust Fix (for Android versions 8.1 Oreo and under + older iOS devices)

Under construction! Contact me at @picelboi on discord if I got something wrong!

The Problem

Miitomo is refusing to connect to Kaerutomo servers because the certificates used to verify that the server you're connecting to is actually the server you're connecting to have expired and are unusable.

The Solution(s)

Install the newer certificate onto your Android/iOS device.

  • For unrooted Android devices

    1. Using a web browser of your choice on your Android device, go to https://letsencrypt.org/certs/2024/r11.pem and download the certificate.
    2. After downloading it, open the file and Android should guide you through installing such certificate. After that, Kaerutomo should load, and you should follow this guide for what happens after if you're new to Kaerutomo or need a brush up.
    3. If it doesn't install, go to your phone's settings app and (this can vary between version, devices, and brands, this is according to a LG device on Android 5.1.1)
      Settings - Certificate Management - Install From Storage.
    4. Install for VPNs and Apps (or if that doesn't work, also install for WiFi as well.)
    5. Kaerutomo should work, and if you're new, go take a look at our first launch guide right here.

  • For rooted Android devices/emulators (Graphical, uses a rooted file manager)

    NOTICE: Most Android builds will have set the /system folder to be read-only - so this might not work.

    1. Using a web browser of your choice on your Android device, go to https://letsencrypt.org/certs/2024/r11.pem and download the certificate.
    2. Rename it to 4cdd6f92.0.
    3. Copy the file to /system/etc/security/cacerts.

  • For rooted Android devices/emulators (ADB, requires knowledge of how to use a command line prompt)

    1. If you don't have it, you need ADB (Android Debug Bridge) for this to work. I recommend using Minimal ADB and Fastboot, as it is simple to install. For Linux, refer to your distribution's methods or install like how Google would do it. (This also applies to macOS w/o referring to the whole distribution part.) Link
    2. Launch a command-line prompt (Windows, this would be the Command Prompt or Windows Terminal. For macOS, this would be the included Terminal app. For Linux, your DE's or your preferred terminal emulator)
    3. If you're doing this on an actual device, I assume you know how to enable USB Debugging (if not, Settings - About phone - Build Number - press 5 times. Then go to Settings - Developer options - USB Debugging.) Refer to your emulator's instructions on how to connect via ADB.
    4. Using a web browser of your choice on the computer you're running ADB on, go to https://letsencrypt.org/certs/2024/r11.pem and download the certificate.
    5. Do adb devices and check if you have multiple devices. If so, disconnect the other device.
    6. Move the certificate to anywhere you want using MTP or adb push. If you're using MTP, assume that the path I will mention on later steps will be /sdcard/Directory you put the certificate at/r11.pem (EXAMPLE: /sdcard/Downloads/r11.pem) unless you know the path already.
    7. Launch adb shell and on the shell, type in and enter su. This puts your shell in superuser mode, which requires root access. This will allow us to later move the certificate to where we want it to be.
    8. Do cp PATH_TO_CERTIFICATE /system/etc/security/cacerts/4cdd6f92.0 to copy the certificate to the right place for Android to use.
      • If you receive a "read-only" file system error, execute mount -o rw,remount /
    9. Do chmod 664 /system/etc/security/cacerts/4cdd6f92.0. This will set the correct permissions for Android to access such certificate.