首页

如何以编程方式删除用户安装的证书?

android java ssl-certificate
2022-09-03 15:20:10

我以编程方式安装了证书。

我可以通过以下方式手动卸载它Settings -> Security -> Trusted Credentials -> User -> Choose the certificate and click the remove button

我想以编程方式删除证书。

这是我尝试过的代码,但它不起作用。

javax.security.cert.X509Certificate x509 = javax.security.cert.X509Certificate.getInstance(caRootCertBytes);

KeyStore ks = KeyStore.getInstance("AndroidCAStore")
if (ks != null) 
{
    ks.load(null, null);
    Enumeration<String> aliases = ks.aliases();
    while (aliases.hasMoreElements()) 
    {
        String alias = (String) aliases.nextElement();
        java.security.cert.X509Certificate cert = (java.security.cert.X509Certificate) ks.getCertificate(alias);
        String name = x509.getIssuerDN().getName();                             
        if (cert.getIssuerDN().getName().contains(name)) 
        {
            ks. deleteEntry(alias)
        }
    }
}

参考我为什么选择删除条目

这是我得到的错误日志

05-19 18:27:40.789: W/System.err(14588): java.lang.UnsupportedOperationException
05-19 18:27:40.792: W/System.err(14588):    at com.android.org.conscrypt.TrustedCertificateKeyStoreSpi.engineDeleteEntry(TrustedCertificateKeyStoreSpi.java:82)
05-19 18:27:40.792: W/System.err(14588):    at java.security.KeyStore.deleteEntry(KeyStore.java:410)
05-19 18:27:40.792: W/System.err(14588):    at com.proj.test.MyActivity$4.onClick(MyActivity.java:336)
05-19 18:27:40.792: W/System.err(14588):    at com.android.internal.app.AlertController$ButtonHandler.handleMessage(AlertController.java:162)
05-19 18:27:40.792: W/System.err(14588):    at android.os.Handler.dispatchMessage(Handler.java:102)
05-19 18:27:40.792: W/System.err(14588):    at android.os.Looper.loop(Looper.java:135)
05-19 18:27:40.793: W/System.err(14588):    at android.app.ActivityThread.main(ActivityThread.java:5254)
05-19 18:27:40.793: W/System.err(14588):    at java.lang.reflect.Method.invoke(Native Method)
05-19 18:27:40.794: W/System.err(14588):    at java.lang.reflect.Method.invoke(Method.java:372)
05-19 18:27:40.794: W/System.err(14588):    at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:903)
05-19 18:27:40.794: W/System.err(14588):    at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:698)

这个问题与我的另一个问题有些关系

任何帮助是值得赞赏的!


答案 1

看起来 KeyStoreSpi 接口的实现只是不支持删除:

@Override
public void engineDeleteEntry(String alias) {
    throw new UnsupportedOperationException();
}

https://android.googlesource.com/platform/external/conscrypt/+/master/src/platform/java/org/conscrypt/TrustedCertificateKeyStoreSpi.java#81


答案 2

您可以在 Android 5.x 中与设备所有者一起使用该方法执行此操作。但是,只能在预配设备之前安装设备所有者。uninstallCaCert()

https://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#uninstallCaCert(android.content.ComponentName, byte[])


推荐
更多 »
标签
更多 »
php pass-by-reference optional-parameters default-value javascript arrays dom function string object serialization tostring visibility syntax jslint use-strict operators equality equality-operator identity-operator datetime timestamp date-arithmetic redirect angularjs loops foreach iteration scope variables
推荐
更多 »