How to get the list of certificates installed in Android 4.0?

Question

How to get the list of certificates installed in Android 4.0?

Android.security.KeyChain # getCertificateChain needs an alias. But I want to get all installed X509Certificate.

+2

android certificate x509

crybird Feb 03 '12 at 6:34

source share

3 answers

Nikolay Elenkov · Answer 1 · 2013-02-18T01:55:18+0000

You can use something like this to list trusted certificates. Not well documented, so this may break in future versions.

KeyStore ks = KeyStore.getInstance("AndroidCAStore"); ks.load(null, null); Enumeration aliases = ks.aliases(); while (aliases.hasMoreElements()) { String alias = aliases.nextElement(); X509Certificate cert = (X509Certificate) ks.getCertificate(alias); Log.d(TAG, "Subject DN: " + cert.getSubjectDN().getName()); Log.d(TAG, "Subject SN: " + cert.getSerialNumber().toString()); Log.d(TAG, "Issuer DN: " + cert.getIssuerDN().getName()); }

Durai Amuthan.H · Answer 2 · 2015-05-24T09:09:54+0000

List of available certificates:

 public void PrintInstalledCertificates( ){ try { KeyStore ks = KeyStore.getInstance("AndroidCAStore"); if (ks != null) { ks.load(null, null); Enumeration<String> aliases = ks.aliases(); while (aliases.hasMoreElements()) { String alias = (String) aliases.nextElement(); java.security.cert.X509Certificate cert = (java.security.cert.X509Certificate) ks.getCertificate(alias); //To print System Certs only if(cert.getIssuerDN().getName().contains("system")) { System.out.println(cert.getIssuerDN().getName()); } //To print User Certs only if(cert.getIssuerDN().getName().contains("user")) { System.out.println(cert.getIssuerDN().getName()); } //To print all certs System.out.println(cert.getIssuerDN().getName()); } } } catch (IOException e) { e.printStackTrace(); } catch (KeyStoreException e) { e.printStackTrace(); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } catch (java.security.cert.CertificateException e) { e.printStackTrace(); } }

Check if the certificate is installed:

 public boolean checkCACertificateInstalled(javax.security.cert.X509Certificate x509){ boolean isCACertificateInstalled = false; try { String name = x509.getIssuerDN().getName(); KeyStore ks = KeyStore.getInstance("AndroidCAStore"); if (ks != null) { ks.load(null, null); Enumeration<String> aliases = ks.aliases(); while (aliases.hasMoreElements()) { String alias = (String) aliases.nextElement(); java.security.cert.X509Certificate cert = (java.security.cert.X509Certificate) ks.getCertificate(alias); if (cert.getIssuerDN().getName().contains(name)) { isCACertificateInstalled = true; break; } } } } catch (IOException e) { e.printStackTrace(); } catch (KeyStoreException e) { e.printStackTrace(); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } catch (java.security.cert.CertificateException e) { e.printStackTrace(); } return isCACertificateInstalled; }

Jens · Answer 3 · 2012-02-03T09:14:18+0000

You cannot - android.security.KeyChain not have methods to extract all the aliases and, even more importantly, even the service it exchanges with (the implementation of the IKeyChainService AIDL interface in KeyChain) provides a method for listing all aliases - thus, grants and storage The keys are internal to this application.

How to get the list of certificates installed in Android 4.0?

List of available certificates:

Check if the certificate is installed:

More articles: