0

I try to access PKI secured services on Android using Java. Certificates were installed on devices through settings->location & security ->Install from SD card.

Seems like on ICS, certificates are shared under /system/etc/security/cacerts while on GingerBread they are in a keystore: /system/etc/security/cacerts.bks.

On ICS I found the KeyChain can read all the installed certificates, so my question is:

Is there a way to access certificates installed from SD card on OS < level 14?

or

If there is a unified way to access certificates installed from SD card on OS >= level 8?

Thanks.

some_other_guy
  • 3,364
  • 4
  • 37
  • 55
Shu Sang
  • 61
  • 1
  • 2
  • 6

2 Answers2

1

There is no way to access those, because only the system user(s) have permission to. However, they are not really useful for third party apps, because only the WiFi and VPN daemons can use them. If you want your own keystore, you can create one for your app and set up HttpClient/URLConnection to use it.

Some more details here:

http://nelenkov.blogspot.com/2011/12/using-custom-certificate-trust-store-on.html

Nikolay Elenkov
  • 52,576
  • 10
  • 84
  • 84
  • Thanks. I am creating a keystore for those certificates now. – Shu Sang Aug 29 '12 at 16:05
  • It is working for me now, you can find some details under "access certificates installed from SD card on OS < level 14" from Android's forum: https://groups.google.com/forum/?fromgroups#!forum/android-security-discuss – Shu Sang Aug 31 '12 at 17:58
0

There is no way to access those, because only the sytem user(s) have permission to. However, they are not really usefull for Third party apps, because only only the Wifi and VPN daemons can Use them. If want your own keystore, you can create one for your app and set up HttpClient/ UTL connection to use it.

Paul Jhon Dela Cruz
  • 1