I had installed a certificate programmatically.
I am able to uninstall it manually by going Settings -> Security -> Trusted Credentials -> User -> Choose the certificate and click the remove button
I want to remove the certificate programmatically.
Here is the code that I tried but it didn't work.
javax.security.cert.X509Certificate x509 = javax.security.cert.X509Certificate.getInstance(caRootCertBytes);
KeyStore ks = KeyStore.getInstance("AndroidCAStore")
if (ks != null)
{
ks.load(null, null);
Enumeration<String> aliases = ks.aliases();
while (aliases.hasMoreElements())
{
String alias = (String) aliases.nextElement();
java.security.cert.X509Certificate cert = (java.security.cert.X509Certificate) ks.getCertificate(alias);
String name = x509.getIssuerDN().getName();
if (cert.getIssuerDN().getName().contains(name))
{
ks. deleteEntry(alias)
}
}
}
Ref for why I chose deleteEntry
Here is the error log that I got
05-19 18:27:40.789: W/System.err(14588): java.lang.UnsupportedOperationException
05-19 18:27:40.792: W/System.err(14588): at com.android.org.conscrypt.TrustedCertificateKeyStoreSpi.engineDeleteEntry(TrustedCertificateKeyStoreSpi.java:82)
05-19 18:27:40.792: W/System.err(14588): at java.security.KeyStore.deleteEntry(KeyStore.java:410)
05-19 18:27:40.792: W/System.err(14588): at com.proj.test.MyActivity$4.onClick(MyActivity.java:336)
05-19 18:27:40.792: W/System.err(14588): at com.android.internal.app.AlertController$ButtonHandler.handleMessage(AlertController.java:162)
05-19 18:27:40.792: W/System.err(14588): at android.os.Handler.dispatchMessage(Handler.java:102)
05-19 18:27:40.792: W/System.err(14588): at android.os.Looper.loop(Looper.java:135)
05-19 18:27:40.793: W/System.err(14588): at android.app.ActivityThread.main(ActivityThread.java:5254)
05-19 18:27:40.793: W/System.err(14588): at java.lang.reflect.Method.invoke(Native Method)
05-19 18:27:40.794: W/System.err(14588): at java.lang.reflect.Method.invoke(Method.java:372)
05-19 18:27:40.794: W/System.err(14588): at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:903)
05-19 18:27:40.794: W/System.err(14588): at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:698)
This question is somewhat related to my other question
Any help is appreciated !
Press Windows Key + R Key together, type certmgr. msc and hit enter. You will get a new window with the list of Certificates installed on your computer. Locate for the certificate you want to delete and then click on Action button then, click on Delete.
Looks like that implementation of the KeyStoreSpi interface just doesn't support removal:
@Override
public void engineDeleteEntry(String alias) {
throw new UnsupportedOperationException();
}
https://android.googlesource.com/platform/external/conscrypt/+/master/src/platform/java/org/conscrypt/TrustedCertificateKeyStoreSpi.java#81
You can do this in Android 5.x with a device owner using the uninstallCaCert()
method. A device owner can be installed only before the device is provisioned though.
https://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#uninstallCaCert(android.content.ComponentName, byte[])
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With