Works well ;) just did the test. Thanks !! Laurent
On Thu, Mar 20, 2014 at 12:16 AM, Brian Carlstrom <[email protected]> wrote: > The simplest way is probably something like the below. > > -bri > > X509Certificate[] chain = ...; // create with CertificateFactory, > include any intermediates you need, but root is unneeded. > > TrustManagerFactory tmf = > TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); > tmf.init((KeyStore null); > TrustManager[] tms = tmf.getTrustManagers(); > X509TrustManager tm = (X509TrustManager)tms[0]; > tm.checkServerTrusted(chain, "RSA"); // throws CertificateException on > error > > > On Wed, Mar 19, 2014 at 3:58 PM, laurent feron <[email protected]> wrote: > > Hello, > > > > i would like to check the validity of one certificate my application has > > against Android system... Meaning check that the certificate has been > well > > signed by one root certificate in the Android trusted certificate store. > > > > i know there is this class javax.security.cert.Certificate that providse > a > > verify(PublicKey key) method: '"Verifies that this certificate was signed > > with the given public key." > > in this case, i have to retrieve all public keys of all root > certificates in > > the trust store, and then use this method to check if one of them has > signed > > my certificate. not very nice ... > > > > Is there a simple method that tell you if the certificate is valid or not > > based on the Android trust store? > > Like on Windows, you can see quickly if the certificate is valid on IE, > > moreover it gives you the certificate path !! > > > > Thanks in advance (i'm quite new on android/java) > > > > Regards, > > Laurent Feron > > > > > > > > > > -- > > You received this message because you are subscribed to the Google Groups > > "Android Security Discussions" group. > > To unsubscribe from this group and stop receiving emails from it, send an > > email to [email protected]. > > To post to this group, send email to > > [email protected]. > > Visit this group at > http://groups.google.com/group/android-security-discuss. > > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/android-security-discuss. For more options, visit https://groups.google.com/d/optout.
