如何在没有用户交互的情况下以编程方式安装根CA无提示

时间:2019-03-05 15:00:11

标签: java android certificate ssl-certificate x509certificate

我正在尝试安装看起来像这样的.crt文件:

-----BEGIN CERTIFICATE-----
MIIDTzCCAjegAwIBAgIUbhD8XaZ8pUjRnXAidB+meQfX4gowDQYJKoZIhvcNAQEL
BQAwNzELMAkGA1UEBhMCVUsxEzARBgNVBAgMClNvbWUtU3RhdGUxEzARBgNVBAoM
CkJldEJsb2NrZXIwHhcNMTkwMzA1MDg1NDQ0WhcNNDkwMjI1MDg1NDQ0WjA3MQsw
CQYDVQQGEwJVSzETMBEGA1UECAwKU29tZS1TdGF0ZTETMBEGA1UECgwKQmV0Qmxv
Y2tlcjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJRI3/XLn7pZKSNr
sCHgSd+GUi1FP1xyEKO2kbf5uEWWYH/lCK9g9v5A9PB/hpEnfgUH95iScPMMbbyu
cvTyXczudSs4oPHRXHFJN9anFAuJht+tPm9Q7rI+fLMzorJpw/DfB88gANNuLuNo
RnnRHqbpbZv25xi30VEFcGI4ayoFeh3XYcb+y+mhrxnOi99lQRrAWqVpi0xrShgv
DTUyitei6M0w/TBBzTLyUDOB6+wmyC46+Gz4+j4kf3mEK+jlJEkB9Y2hdREC8g7P
gSu552NkQnRHSqY6PnwpRkQVXnNHskzcOwhO0JTEm/A3EKGkxOhBPE6o3NkfNQJu
B8DeRhUCAwEAAaNTMFEwHQYDVR0OBBYEFHRnP9l0JSA/lkpWCraRjU72m5eBMB8G
A1UdIwQYMBaAFHRnP9l0JSA/lkpWCraRjU72m5eBMA8GA1UdEwEB/wQFMAMBAf8w
DQYJKoZIhvcNAQELBQADggEBAFc2UYgHhVT+0lic4z/6+1CZ0/UBJ3UsrMR5rPIQ
IggCXj1gk2Mj/5Wv0GwmAhRt0+z6fcr9Vg0mH7GmsdvrrzALX++0Nkq16M7wOVUb
llzO9erUrriRVuxDxw8qa9OgSc56HaPzY03SNzqXM0zjeD1zh08W4RZZocT2vtsu
vEAszR7HXRmb3uoCNvBqwuIFv6fPiDxQG/7w8O4mSAjoSAXv3aEGO78eMcQbSrXZ
G0imQfZgZYxX341a288QQ69C2lf24rxi+J/aD2K+keda/mCOGQFE/GgAGHpYxYWe
1o8APgA46AtUnPx2koFs5k6EhRnCvO+tdLoTBYei3Qi4p6Q=
-----END CERTIFICATE-----

但是我没有找到适合我情况的正确解决方案。在问这个问题之前,我看到了很多问题,例如这样的解决方案solution

也尝试了这段代码,但我不希望用户参与证书安装:

Intent intent = KeyChain.createInstallIntent();
InputStream inputStream = getResources().openRawResource(R.raw.root_sertificate);
CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
X509Certificate cert = (X509Certificate)certFactory.generateCertificate(inputStream);
intent.putExtra(KeyChain.EXTRA_CERTIFICATE, cert.getEncoded());
intent.putExtra(KeyChain.EXTRA_NAME, "IAT Cert");
startActivityForResult(intent, 0);

我尝试过的第三种解决方案是:

InputStream inputStream = getResources().openRawResource(R.raw.root_sertificate);
// generate certificate from cert string
CertificateFactory cf = CertificateFactory.getInstance("X.509");
Certificate cert = cf.generateCertificate(inputStream);
KeyStore trustStore  = KeyStore.getInstance(KeyStore.getDefaultType());
trustStore.load(null);//Make an empty store
trustStore.setCertificateEntry("test_alias", cert);

但是在这里我找不到此已安装证书的任何地方。如果有人可以引导我寻求某种解决方案,我会很高兴。

0 个答案:

没有答案
相关问题
最新问题