My phone can't be rooted but I want to MITM my own traffic. Is there any downside to enrolling my device as a managed enterprise device and installing a certificate through the program? It seems possible, but I have not come across this solution anywhere on the internet so I was wondering if there is a downside.
Your question (or at least the answer) is more development-oriented. But I take the opportunity to share my limited knowledge from an end-user's perspective.
Is there any downside to enrolling my device as a managed enterprise device and installing a certificate through the program?
Yes. The cost, and complexity.
In order to use Enterprise Mobility Management (EMM) on Android, you need to buy a Mobile Device Management (MDM) suite. Usually organizations do that for their employees; it has an initial setup cost and a recurring subscription fee per device.
Or you may think about developing a solution of your own. Developing a full-fledged EMM solution may take months and years. It may include building an EMM console (usually a web interface) to set policies, a back-end EMM server to hold policies, and a Device Policy Controller (DPC, or Work Policy Controller) app which fetches policies from server and enforces on device.
But as mentioned by @Robert in comment, Google doesn't want you use your own DPC app (which was a part of Google Play EMM API since Android 5):
"Android Enterprise is no longer accepting new registrations for custom device policy controllers (DPCs). Learn more."
The latest recommended solution is to use Google's Android Management API (after doing a partnership with Google as EMM solution provider) which enforces policies on devices using Google's Android Device Policy DPC app, and also provides additional features (by making use of privileged Play Services) which haven't been part of previous implementations. It covers all possible scenarios including Work Profile (on user-owned or company-owned devices) and Fully-Managed devices (with no personal profile). Both should not to be confused with Android's multiple users.
So I don't think you'd want to go this far just to install a root/leaf CA. However there's a possibility to develop a simple standalone DPC app based on Android's Device Administration API (which the above stated solutions use under the hood), without integrating with any remote API. Shelter is an example of such use case, which provides app isolation / duplication by creating a Work Profile (it's open source, I've no affiliation). Using admin APIs it's possible to grant access to a client certificate, that's what you want. However as stated in (the link you provided: "... certificate is available to ... apps installed in the work profile", and) the official documentation:
"All apps within the profile will be able to access the certificate chain and use the private key ..."
So if you want to use the installed CA for all of your apps (including those installed in the personal / device-owner profile), your DPC must run in Fully-Managed mode, not a Work Profile. Luckily Google provides a Test DPC app which may run in both modes. It allows installing a CA, so can be a good starting point:
Quoted from Android Developers Blog:
"Apps that target API Level 24 and above no longer trust user or admin-added CAs for secure connections, by default."
"But app developers can choose to let their apps work with manually added CA certificates" by adding <certificates src="user" /> to Network security configuration. So in this case an EMM- / admin-added CA is no way different than a user-added CA, while the latter is very simple to achieve.
Q & A