On 2012-10-10 11:26, Nikolay Elenkov wrote: Hi Nikolay, Many thanks for your great articles about Android's inner life :-)
The "Remove" button was indeed placed at an obscure place since it is hidden by text. Google: Please revise this GUI when you add a similar GUI for client certificates. Anders > On Wed, Oct 10, 2012 at 5:23 PM, Anders Rundgren > <[email protected]> wrote: >> Target: JB 4.1 latest SDK/Emulator >> >> I imported an PKCS #11 container during private key select GUI that KeyChain >> puts up. >> The PKCS #12 according to keytool only contained a private key entry, albeit >> with a complete certificate path. >> >> Using the excellent https://github.com/nelenkov/keystore-test app I got the >> message that it is trusted >> when using the private key. Listing the truststore I indeed found the CA >> associated with the path. >> >> Is this the expected behavior? IMO, importing a private key and importing >> a CA cert are >> to different things. I would at least expect the GUI giving me the option >> to install or not. > > It appears this is by design. The import dialog probably said > something like this: > > The package contains: > one user key > one user certificate > one CA certificate > > Unfortunately it doesn't tell you what those are (DN, etc), and there > is no option > to import only the user key. > >> >> BTW, it would have been a reasonable addition letting the Trusted >> Credentials menu >> also remove CAs. Now I have to build such tools myself in order to test my >> code. >> >> > > You can remove them, although it is not quite obvious: tap the cert in > the list, > scroll to the bottom of the 'Security certificate' dialog and press > the 'Remove' > button. > -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
