android – 在我的情况下以编程方式安装X509证书

概述我正在开发一个 Android项目.我有一个PEM证书字符串： -----BEGIN CERTIFICATE-----MIIEczCCA1ugAwIBAgIBADANBgkqhkiG9w0BAQQFAD..AkGA1UEBhMCR0IxEzARBgNVBAgTClNvbWUtU3RhdGUxFDASBgNVBAoTC0..0EgTHRkMTcwNQYDVQQLEy5DbGFzcyAxIFB1 我正在开发一个 Android项目.我有一个PEM证书字符串：

-----BEGIN CERTIFICATE-----MIIEczCCA1ugAwIBAgIBADANBgkqhkiG9w0BAQQFAD..AkGA1UEBhMCR0IxEzARBgNVBAgTClNvbWUtU3RhdGUxFDASBgNVBAoTC0..0EgTHRkMTcwNQYDVQQLEy5DbGFzcyAxIFB1YmxpYyBQcmltYXJ5IENlcn..XRpb24gQXV0aG9y...MANY lines...It8una2gY4l2O//on88r5IWJlm1L0oA8e4fR2yrBHX..adsGeFKkyNrwGi/7vQMfXdGsRrXNGRGnX+vWDZ3/zWI0joDtCkNnqEpVn..HoX-----END CERTIFICATE-----

(我将上面的证书字符串分配给名为CERT_STR的变量)

我将以上PEM字符串转换为X509Certificate：

byte[] certBytes = CERT_STR.getBytes();CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");inputStream certIs = new ByteArrayinputStream(certBytes); // Now I get the X509 certificate from the PEM stringX509Certificate certificate = (X509Certificate) certificateFactory.generateCertificate(certIs);

然后,我尝试通过以下方式以编程方式安装证书：

Intent intent = KeyChain.createInstallintent();// because my PEM only contains a certificate,no private key,so I use EXTRA_CERTIFICATEintent.putExtra(KeyChain.EXTRA_CERTIFICATE,certificate.getEncoded());intent.addFlags(Intent.FLAG_ACTIVITY_NEW_TASK);context.startActivity(intent);

当我运行我的应用程序时,我看到系统对话框d出“Extracting …”,我知道系统正在提取我的证书,但该对话框始终显示“Extracting …”.

为什么？我的代码安装证书在哪里错了？

@H_403_19@解决方法 您可能没有使用正确创建的X509证书.以下工作结束,我没有看到任何“提取…”对话框(Nexus 5X,AndroID 7.0)：

String x509cert = "-----BEGIN CERTIFICATE-----\n" +        "MIICrjCCAhegAwIBAgIJAO9T3E+oW38mMA0GCSqGSIb3DQEBCwUAMHAxCzAJBgNV\n" +        "BAYTAlVaMREwDWYDVQQHDAhUYXNoa2VudDENMAsGA1UECgwERWZpcjEQMA4GA1UE\n" +        "CwwHSVQgZGVwdDEQMA4GA1UEAwwHZWZpci51ejEbMBkGCSqGSIb3DQEJARYMaG9z\n" +        "dEBlZmlyLnV6MB4XDTE2MTExMDA4MjIzMFoXDTE2MtixMDA4MjIzMFowcDELMAkG\n" +        "A1UEBhMCVVoxETAPBgNVBAcMCFRhc2hrZW50MQ0wCwYDVQQKDARFZmlyMRAwDgYD\n" +        "VQQLDAdJVCBkZXB0MRAwDgYDVQQDDAdlZmlyLnV6MRswGQYJKoZIhvcNAQkBFgxo\n" +        "b3N0QGVmaXIudXowgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAL60mG0Gpl7s\n" +        "3qMnZcURB1xk5Qen6FN0+AJB5Z/WHA50n1MUkXNY28rkEYupkxpfEqR+/gXgBUAm\n" +        "FACA3GSdoHMMY1kdeAzxsYbBEbtGKHICF/QFGTqScWmI6uBUwzsLDLv1ELef/zEY\n" +        "Ru/krXtNh8ZNYyfwVKyZaB9+3M2yOqATAgMBAAGjUDBOMB0GA1UdDgQWBBS1nH3O\n" +        "ecLDrIZLZ/f1WsNL/xtuEzAfBgNVHSMEGDAWgBS1nH3OecLDrIZLZ/f1WsNL/xtu\n" +        "EzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4GBAGzjJnXODvF9UHBKHAUF\n" +        "kzisr78Og5BrKyAgdnjH196Jg4MO7RNJdQAmuAIk9aBB/jvAiznhhbcD3mYImH+h\n" +        "F0Scewk5m736ydGhkcUpmxA5ye1hajJs9V7PQD2O4a8rnjslJjiWRWSqxTfH79Ns\n" +        "B7x2HND9LU/iz02ugGJ8vwg8\n" +        "-----END CERTIFICATE-----\n";Intent intent = KeyChain.createInstallintent();intent.putExtra(KeyChain.EXTRA_CERTIFICATE,x509cert.getBytes());startActivity(intent);

为了生成上述证书,我使用了以下步骤(基于Generating Keys and Certificates for SSO)：

$openssl genrsa -out rsaprivkey.pem 1024$openssl req -new -x509 -key rsaprivkey.pem -out rsacert.pem$lsrsacert.pem rsaprivkey.pem

然后我只需将cat rsacert.pem的输出复制/粘贴到x509cert.

希望这可以帮助.

总结

以上是内存溢出为你收集整理的android – 在我的情况下以编程方式安装X509证书全部内容，希望文章能够帮你解决android – 在我的情况下以编程方式安装X509证书所遇到的程序开发问题。

如果觉得内存溢出网站内容还不错，欢迎将内存溢出网站推荐给程序员好友。