On Wed, Feb 22, 2012 at 10:21 PM, Ab <[email protected]> wrote:
> I am using the below code to retrieve this list. It seems to work,
> however it doesn't seem particularly safe/smart because I can't find
> any documentation that indicates the .bks file will always be
> available at the hard coded location.
>
> Is this method reasonable, or is there a safer/smarter way to go about
> this?
>
Should work on 2.x versions, unless it's heavily customized. That said,
some Motorola phones offer a system menu to add/remove trust anchors
on 2.x, so they may have moved the store to a mutable location.
You can get the same result by getting the default TrustManager and listing
the trust anchors. That way you don't have to hardcode the trust store path,
and it should work on all versions (including ICS). Something like this:
TrustManagerFactory tmf = TrustManagerFactory
.getInstance(TrustManagerFactory.getDefaultAlgorithm());
tmf.init((KeyStore) null);
X509TrustManager xtm = (X509TrustManager) tmf.getTrustManagers()[0];
for (X509Certificate cert : xtm.getAcceptedIssuers()) {
String certStr = "S:" + cert.getSubjectDN().getName() + "\nI:"
+ cert.getIssuerDN().getName();
Log.d(TAG, certStr);
}
Some discussion here:
http://nelenkov.blogspot.com/2011/12/using-custom-certificate-trust-store-on.html
--
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en
