Hi, My question is simple.
I would like to check whether my certificate has been well signed by any one of root certificate in the Android trusted certificate store(needs to be validated against root CA and intermediate CA). How can I achieve that. Sorry. I didn't the answer from your post. Currently i am having x509 certificate which needs to be validated. Brian please help me on this please. On Sun, Jun 29, 2014 at 8:19 AM, Brian Carlstrom <[email protected]> wrote: > You can use something like > > tmf = > TrustManargerFactory.getInstance(TrustManargerFactory.getDefaultAlgorithm()); > tmf.init((KeyStore) null); // use default platform set of trusted CAs > tms = tmf.getTrustManagers() > > then search the array for an X509TrustManager. you don't want to > implementing your own. > > note that your chain probably needs to have an intermediate added > > you can wrap this with using X509TrustManagerExtensions > > > http://developer.android.com/reference/android/net/http/X509TrustManagerExtensions.html > > if you need to get the chain you passed in extended with the trusted CA. > > There isn't a public API that can give you the list of current CAs, at > least not without relying on implicit implementation details. > > but the really question is what you are trying to do. if you use > SSLSocket or HttpsURLConnection with the system defaults, it will > check against the system CAs. > > -bri > > On Fri, Jun 27, 2014 at 9:03 AM, Vetrichelvan G > <[email protected]> wrote: > > > > Hi All, > > > > I am having one server certificate and I have to check whether the > issuer of > > this certificate exists in the android trust store or not. > > > > How to achieve this one? From the net I found we can use the > > checkServerTrusted method present in X509TrustManager interface. > > > > cert = my server certificate > > > > 1.Creating certificate chain that can be passed for validation > > > > X509Certificate certs [] = new X509Certificate [] {cert}; > > > > 2. > > public class Myclass implements X509TrustManager { > > // Activity activity = null; > > String[] trustedCertificate = new String[0]; > > > > public void checkClientTrusted(X509Certificate[] chain, String > authType) > > throws CertificateException > > { > > } > > > > public void checkServerTrusted(X509Certificate[] chain, String > authType) > > throws CertificateException > > { > > > > } > > > > > > Here my question is how can I get all the certificates present in > Truststore > > in array or in some other format. > > > > Any help will be really appreciatable. > > > > > > > > > > > > > > -- > > You received this message because you are subscribed to the Google Groups > > "Android Security Discussions" group. > > To unsubscribe from this group and stop receiving emails from it, send an > > email to [email protected]. > > To post to this group, send email to > > [email protected]. > > Visit this group at > http://groups.google.com/group/android-security-discuss. > > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/android-security-discuss. For more options, visit https://groups.google.com/d/optout.
