如何删除应用程序安装信任的CA证书上卸载应用程序 [英] How to remove App installed trusted CA cert on uninstalling the App

问题描述

我有一个应用程序，让选择安装CA证书，它被保存在用户选项卡的受信任的证书的，它按预期工作。

I have an app that gives option to install CA cert and it gets stored in the user tab of Trusted Credentials and it works as expected.

仅供参考 （这是我如何安装证书）：的

Intent installIntent = KeyChain.createInstallIntent();
javax.security.cert.X509Certificate x509 = javax.security.cert.X509Certificate.getInstance(caRootCertBytes);
installIntent.putExtra(KeyChain.EXTRA_CERTIFICATE, x509.getEncoded());
installIntent.putExtra(KeyChain.EXTRA_NAME,caRootCertName);
startActivity(installIntent);

如果应用程序是的卸载的的证书仍然在受信任的证书的。

If the app is uninstalled the cert remains in the Trusted credentials.

我想在应用程序卸载证书被卸载。

I would like the cert to be uninstalled when the application is uninstalled.

我想删除使用证书<一的href="http://developer.android.com/reference/java/security/KeyStore.html#deleteEntry(java.lang.String)">deleteEntry方法密钥库。

I thought of removing the cert using deleteEntry method of KeyStore.

仅供参考 （我没有测试though.Hopefully应该work..I会更新一次，我测试了它）的

javax.security.cert.X509Certificate x509 = javax.security.cert.X509Certificate.getInstance(caRootCertBytes);

KeyStore ks = KeyStore.getInstance("AndroidCAStore")
if (ks != null) 
                        {
                            ks.load(null, null);
                            Enumeration<String> aliases = ks.aliases();
                            while (aliases.hasMoreElements()) 
                            {
                                String alias = (String) aliases.nextElement();
                                java.security.cert.X509Certificate cert = (java.security.cert.X509Certificate) ks.getCertificate(alias);
                                String name = x509.getIssuerDN().getName();                             
                                if (cert.getIssuerDN().getName().contains(name)) 
                                {
                                  ks. deleteEntry(alias)

                                }
                            }
                        }  

尽管如果你认为上面的code工作AFAIK我不能注册广播接收器为我自己的应用程序卸载。

Even though if you consider above code works AFAIK I can't register broadcast receiver for uninstallation of my own app.

如何去删除是在我的应用程序卸载安装的我的应用程序的证书？的

任何帮助是AP preciated！

Any help is appreciated !

推荐答案

你不能让包卸载得到你自己的包广播。 这可能导致不一致在系统中。 看到这回答

you cant get the broadcast of package getting uninstalled for your own package. this may lead to inconsistency in the system. see this answer

这篇关于如何删除应用程序安装信任的CA证书上卸载应用程序的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！