Yes, its just the cacerts.bks file, although the source certs are in text form in libcore/luni/src/main/files/cacerts/*. If you have a rooted device you can certainly replace cacerts.bks with your own version. There are many acknowledged requests to allow this to be done by the user.
I did a major upgrade of the cacerts.bks in 2.3 and have been proactively updating the CA list since then. -bri On Tue, Jul 12, 2011 at 6:10 AM, Pandit <[email protected]> wrote: > Hello, > > I am looking for getting an update the latest list of root CA > certificates so that Android's browser or others can trust. Is this is > just picking up the cacerts.bks file from the latest Android release > or there is another place to pick? Is there away to update the file > to include a particular CA as well? > > We are using Android 2.2 and we did a test picking up the file > from Nexus One running 2.3 and it has the root CA certificate we are > looking for. > > > Thank you, > -Pandit > > -- > You received this message because you are subscribed to the Google Groups > "Android Security Discussions" group. > To post to this group, send email to > [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/android-security-discuss?hl=en. > > -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
