I use CAcert.org for most of my X.509 certificates (aka SSL-certificates). It has some very important advantages and disadvantages: being free and being non-default in most systems. Usually it’s not much of a hassle to import the root certificate into a browser, OS or mail client. On Android however, things seemed a little more complex.
CAcert.org does provide some detailed instructions , but they needed some tweaking to work on my MacOSX system. Simply following the instructions got me this helpful error:
keytool error: java.lang.ClassNotFoundException: org.bouncycastle.jce.provider.BouncyCastleProvider