You can use something like tmf = TrustManargerFactory.getInstance(TrustManargerFactory.getDefaultAlgorithm()); tmf.init((KeyStore) null); // use default platform set of trusted CAs tms = tmf.getTrustManagers()
then search the array for an X509TrustManager. you don't want to implementing your own. note that your chain probably needs to have an intermediate added you can wrap this with using X509TrustManagerExtensions http://developer.android.com/reference/android/net/http/X509TrustManagerExtensions.html if you need to get the chain you passed in extended with the trusted CA. There isn't a public API that can give you the list of current CAs, at least not without relying on implicit implementation details. but the really question is what you are trying to do. if you use SSLSocket or HttpsURLConnection with the system defaults, it will check against the system CAs. -bri On Fri, Jun 27, 2014 at 9:03 AM, Vetrichelvan G <[email protected]> wrote: > > Hi All, > > I am having one server certificate and I have to check whether the issuer of > this certificate exists in the android trust store or not. > > How to achieve this one? From the net I found we can use the > checkServerTrusted method present in X509TrustManager interface. > > cert = my server certificate > > 1.Creating certificate chain that can be passed for validation > > X509Certificate certs [] = new X509Certificate [] {cert}; > > 2. > public class Myclass implements X509TrustManager { > // Activity activity = null; > String[] trustedCertificate = new String[0]; > > public void checkClientTrusted(X509Certificate[] chain, String authType) > throws CertificateException > { > } > > public void checkServerTrusted(X509Certificate[] chain, String authType) > throws CertificateException > { > > } > > > Here my question is how can I get all the certificates present in Truststore > in array or in some other format. > > Any help will be really appreciatable. > > > > > > > -- > You received this message because you are subscribed to the Google Groups > "Android Security Discussions" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to > [email protected]. > Visit this group at http://groups.google.com/group/android-security-discuss. > For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/android-security-discuss. For more options, visit https://groups.google.com/d/optout.
