Android periodically updates it's SDK and somtimes when this happens, old methods for importing a Trusted CA, necessary to proxy SSL traffic, will fail and you must find a new solution. Technically speaking, it's not necessarily the import that is the problem, it's saving those changes between restarts of the emulator. If you've worked with the emulator you'll note that after importing a Trusted CA such as BurpSuite's certificate, the changes only take effect once you've rebooted the emulator. In other words, you actually have to restart the emulator, and without these steps, you'll lose your updated Trusted CA list.
Using Android SDK 19, the solution was to move a temporary file and rename it. Let's begin:
After creating your Android Virtual Device (AVD) named "test"....
Step 1 - Run the emulator
Step 2 - While running, pull the cacerts.bks file
Step 3 - Get the keytool
Step 4 - Import the PortSwigger SSL Certificate into the cacerts.bks file w/ keytool
NOTE: Exporting PortSwigger SSL Certificate instructions here - http://carnal0wnage.attackresearch.com/2010/11/iphone-burp.html
Step 5 - Remount the emulator /system folder with read-write permissions
Step 6 - Push the cacerts.bks file up onto the emulator
Step 7 - Move the tmp file to your local avd directory and rename it to system.img
Step 8 - Restart, rm cacerts.bks, pull down the copy from emulator, ensure certificate still exists in cacerts.bks file
The reason this data persisted was because we moved the temporary copy (emultor-<random string>) from /tmp/android-<myname>/ and renamed it to system.img. Lastly, we placed the image file in the ~/.android/avd/test.avd/ directory.
hack on,
cktricky
