Detect installed certificate in my android device

KeyChain.createInstallIntent, the created intent will call android.security.certinstaller to install certificates, then the certinstaller will print log when certificates are installed. so you can dump the log cat to check whether certificate is installed or not.(you can get the alias if user changed the store name of certificate)

I used the below piece of Java code to check whether or not my certificate is installed:

try
{
    KeyStore ks = KeyStore.getInstance("AndroidCAStore");
    if (ks != null) 
    {
        ks.load(null, null);
        Enumeration aliases = ks.aliases();
        while (aliases.hasMoreElements()) 
        {
            String alias = (String) aliases.nextElement();
            java.security.cert.X509Certificate cert = (java.security.cert.X509Certificate) ks.getCertificate(alias);

            if (cert.getIssuerDN().getName().contains("MyCert")) 
            {
                isCertExist = true;
                break;
            }
        }
    }
} catch (IOException e) {
    e.printStackTrace();
} catch (KeyStoreException e) {
    e.printStackTrace();
} catch (NoSuchAlgorithmException e) {
    e.printStackTrace();
} catch (java.security.cert.CertificateException e) {
    e.printStackTrace();
}

Adding some additional info to @Android's answer (I cannot comment yet), whose code worked for me only in devices with Android 4.0 or higher.

For devices pre IceCream Sandwich (API < 14):

boolean isCertExist;
    TrustManagerFactory tmf;
    try {
        tmf = TrustManagerFactory.getInstance(TrustManagerFactory
                .getDefaultAlgorithm());

        tmf.init((KeyStore) null);

        X509TrustManager xtm = (X509TrustManager) tmf.getTrustManagers()[0];
        for (X509Certificate cert : xtm.getAcceptedIssuers()) {
            if (cert.getIssuerDN().getName().contains("MyCert")) {
                isCertExist = true;
                break;
            }
        }
    } catch (NoSuchAlgorithmException e) {
        // TODO Auto-generated catch block
        e.printStackTrace();
    } catch (KeyStoreException e) {
        // TODO Auto-generated catch block
        e.printStackTrace();
    }

For devices with Android 4.0 and upwards (API >= 14):

boolean isCertExist;
    try 
    {
        KeyStore ks = KeyStore.getInstance("AndroidCAStore");
        if (ks != null) 
        {
            ks.load(null, null);
            Enumeration aliases = ks.aliases();
            while (aliases.hasMoreElements()) 
            {
                String alias = (String) aliases.nextElement();
                java.security.cert.X509Certificate cert = (java.security.cert.X509Certificate) ks.getCertificate(alias);

                if (cert.getIssuerDN().getName().contains("MyCert")) {
                    isCertExist = true;
                    break;
                }
            }
        }
    } catch (IOException e) {
        e.printStackTrace();
    } catch (KeyStoreException e) {
        e.printStackTrace();
    } catch (NoSuchAlgorithmException e) {
        e.printStackTrace();
    } catch (java.security.cert.CertificateException e) {
        e.printStackTrace();
    }

Detect installed certificate in my android device

Tags:

Android

Certificate

Related

Recent Posts