you power on your tablet, to decrypt it.
Work with certificates
You can use digital certificates to identify your device for a variety
of purposes, including VPN or Wi-Fi network access as well as
authentication to servers by apps such as email or browser. To
use a certificate to identify your device, you must obtain it with
help from your system administrator, and install it in your device's
trusted credential storage .
Android supports DER-encoded X.509 certificates, saved in files
with a .crt or .cer file extension. If your certificate file has a .der
or other extension, you must change it to .crt or .cer or you won't
be able to install it.
Android also supports X.509 certificates saved in PKCS#12 key
store files with a .p12 or .pfx extension. If your key store has some
other extension, you much change it to .p12 or .pfx or you won't
be able to install it. When you install a certificate from a PKCS#12
key store, Android also installs any accompanying private key or
certificate authority certificates.
Install client & CA certificates
To install a certificate from your tablet's internal storage:
1. Copy the certificate or key store from your computer to the
root of your device's internal storage (that is, not in a folder).
> Install from storage.
Nexus 7 Guidebook
Settings > Personal > Security > Credential storage
seCuRe YouR TAbLeT