Java 需要帮助理解GetAcceptedAssuers方法吗_Java_Android_X509certificate

Java 需要帮助理解GetAcceptedAssuers方法吗

java android

Java 需要帮助理解GetAcceptedAssuers方法吗,java,android,x509certificate,Java,Android,X509certificate,我正在编写一个代码，从android设备获取所有可信证书这是我的密码 public class MyX509TrustManager implements X509TrustManager { X509TrustManager pkixTrustManager; public MyX509TrustManager(KeyStore keystore) throws Exception { TrustManagerFactory tmf = TrustManagerF

我正在编写一个代码，从android设备获取所有可信证书

这是我的密码

public class MyX509TrustManager implements X509TrustManager {
X509TrustManager pkixTrustManager;

public MyX509TrustManager(KeyStore keystore)
        throws Exception {

    TrustManagerFactory tmf = TrustManagerFactory.getInstance("X509");
    tmf.init(keystore);

    TrustManager tms[] = tmf.getTrustManagers();

    for (int i = 0; i < tms.length; i++) {
        if (tms[i] instanceof X509TrustManager) {
            pkixTrustManager = (X509TrustManager) tms[i];

            System.out.println("The class is " + pkixTrustManager.getClass());
            return;
        }
    }

    throw new Exception("Couldn't initialize");
}

public void checkClientTrusted(X509Certificate[] arg0, String arg1)
        throws CertificateException {

    try {
        pkixTrustManager.checkClientTrusted(arg0, arg1);
    } catch (CertificateException excep) {

    }

}

public void checkServerTrusted(X509Certificate[] arg0, String arg1)
        throws CertificateException {
    // TODO Auto-generated method stub
    try {
        pkixTrustManager.checkServerTrusted(arg0, arg1);
    } catch (CertificateException excep) {

    }
}

public X509Certificate[] getAcceptedIssuers() {


    System.out.println("Control inside the issuers method");

    System.out.println( "Number of trusted certificates is "+   pkixTrustManager.getAcceptedIssuers().length);
    return pkixTrustManager.getAcceptedIssuers();

}
}

如何使用可信证书加载密钥库？

调用构造函数时提供的密钥库

MyX509TrustManager（密钥库密钥库）

未持有任何证书颁发机构的任何证书

例如，您可以创建密钥库对象，并用文件系统中密钥库的内容（密钥、证书、CA证书等）填充该对象：

KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());

// get user password and file input stream
char[] password = "password of the keystore in the file system";

java.io.FileInputStream fis = null;
try {
    fis = new java.io.FileInputStream("keyStoreName");
    ks.load(fis, password);
} finally {
    if (fis != null) {
        fis.close();
    }
}

这意味着您的密钥库中没有受信任的证书。你有其他理由相信吗？证据？看起来您正在创建密钥库对象，但从未加载它。所以它是空的。因此，它没有可接受的发行人。如果您删除所有这些代码并只使用默认的SSLContext，那么您应该使用平台提供的任何受信任的发行者。您能告诉我如何使用SSLContext实现这一点吗。我在网上搜索了一下，但没有弄清楚。提前感谢。呃，SSLContext.getDefault（）？你没有找到，谢谢你的回复。我在另一个类中调用MyX509TrustManager的构造函数，如KeyStore ks=KeyStore.getInstance（KeyStore.getDefaultType（））；//getDefaultType（）返回“BKS”MyX509TrustManager mm=new MyX509TrustManager（ks）；X509Certificate[]trucerts=m.getAcceptedIssuers（）；在这里，如何使用可信证书加载密钥库。感谢您的帮助…您正在将一个空密钥库加载到MyX509TrustManager中。因此，MyX509TrustManager在密钥库中找不到任何信任管理器并不奇怪。我为您编写了一个示例，演示如何加载现有密钥库。因此，您只需使用用户

keytool

即可创建符合您需要的密钥库。我可以使用X509certificate[]trustCertificate=new X509certificate[0]在android手机中获取受信任的证书；TrustManagerFactory tmf=TrustManagerFactory.getInstance（TrustManagerFactory.getDefaultAlgorithm（））；init（（密钥库）null）；X509TrustManager xtm=（X509TrustManager）tmf.getTrustManager（）[0]；对于（int i=0；i

KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());

// get user password and file input stream
char[] password = "password of the keystore in the file system";

java.io.FileInputStream fis = null;
try {
    fis = new java.io.FileInputStream("keyStoreName");
    ks.load(fis, password);
} finally {
    if (fis != null) {
        fis.close();
    }
}