Known source but not from Google Play

Question

I need to distribute an internal enterprise app for Android and would prefer not to use Google Play. There are around 12 000 users in the organization and most of them have not turned on the checkbox for "Unknown sources" in application settings. Is there a way around this? I am considering options like:

• Is it possible to sign the application using a globally trusted certificate from like Verisign/Symantec or Thawte?

• Is it possible to preload some kind of root certificate or public certificate on the devices beforehand and in this way make the device treat the apps I want to distribute to come from a known source?

EDIT: Additional question

• Is it possible to develop an app and upload it to Google Play and have that app install the enterprise app even though the enterprise app is not signed by a trusted source? If I set the Google Play app as an MDM app?

Answer 1

Is it possible to sign the application using a globally trusted certificate from like Verisign/Symantec or Thawte?

You can sign with whatever signing key you like, but it does not change the distribution options.

Is it possible to preload some kind of root certificate or public certificate on the devices beforehand and in this way make the device treat the apps I want to distribute to come from a known source?

With your own custom ROM mod and custom build of the Android OS, presumably. With stock devices, no.