Firstly export the certificate: Proxy > Options > Import/Export CA certificate > DER Format or download this via http://burp
- put the certificate in android, access with a file manager, and install for "VPN and apps" (can be needed to rename the extension 'der' to 'cer')
- since android 7 (nougat), Apps that target API Level 24 and above no longer trust user or admin-added CAs for secure connections, by default. [1]
- convert DER to PEM, rename and put in the correct directory [2]
CERT="cacert.der" &&
openssl x509 -inform DER -in $CERT -out ca.pem &&
name=$(openssl x509 -inform PEM -subject_hash_old -noout -in ca.pem) &&
mv ca.pem "$name".0 &&
openssl x509 -inform PEM -text -noout -in "$name".0 >> "$name".0 &&
openssl x509 -inform PEM -fingerprint -noout -in "$name".0 >> "$name".0
adb push "$name".0 /data/local/tmp
adb root 2>/dev/null && adb remount 2>/dev/null
adb wait-for-device
adb shell
su -c '
mount -o remount,rw /system 2>/dev/null ; mount -o remount,rw / 2>/dev/null ;
DEST=/system/etc/security/cacerts &&
mv /data/local/tmp/*.0 $DEST &&
chown root:root $DEST/* &&
chmod 644 $DEST/* &&
reboot
'
Thank you barbixxxa, I added this case.