不支持此功能,可能会在将来的版本中破坏等等,但是这里是获取受信任证书列表的方法。您不能添加没有root访问权限的新服务器,因为/
system是只读安装的。但是,如果您确实具有root用户访问权限,则可以使用常规
KeyStoreAPI添加证书。
KeyStore ks = KeyStore.getInstance("BKS");InputStream is = new FileInputStream("/etc/security/cacerts.bks");ks.load(is, "changeit".toCharArray());List<X509Certificate> certs = new ArrayList<X509Certificate>();Enumeration<String> aliases = ks.aliases();while (aliases.hasMoreElements()) { String alias = aliases.nextElement(); X509Certificate cert = (X509Certificate) ks.getCertificate(alias); certs.add(cert);}编辑:这应该与需要硬编码密钥库的路径一起工作:
TrustManagerFactory tmf = TrustManagerFactory .getInstance(TrustManagerFactory.getDefaultAlgorithm());tmf.init((KeyStore) null);X509TrustManager xtm = (X509TrustManager) tmf.getTrustManagers()[0];for (X509Certificate cert : xtm.getAcceptedIssuers()) { String certStr = "S:" + cert.getSubjectDN().getName() + "nI:" + cert.getIssuerDN().getName(); Log.d(TAG, certStr);}
