在客户端上以编程方式在没有对话框的情况下安装客户端证书?
我正在尝试使用以下代码在Android上以编程方式安装客户端证书:
I'm trying to install client certificate on android programmatically, using the following code :
Intent clientCertInstall = KeyChain.createInstallIntent();
clientCertInstall.putExtra(KeyChain.EXTRA_PKCS12, clientCert);
clientCertInstall.putExtra(KeyChain.EXTRA_NAME, "Client Cert");
MyActivity.this.startActivityForResult(clientCertInstall, REGISTER_CLIENT_CERT);
安装活动启动时,android要求用户输入证书的密码(尽管没有密码,然后单击确定即可。)
When the installation activity launches, android requests the user to enter password for the certificate (although there is no password and just clicking ok works)
此外,单击确定后,Android要求用户输入证书的名称,尽管我在 KeyChain.EXTRA_NAME中给了他一个名称参数。
More over, after clicking OK the user is requested by android to enter a name for the certificate, although i gave him a name in the "KeyChain.EXTRA_NAME" parameter.
此行为使我的用户感到烦恼,他们不了解证书,只希望它自动安装而没有对话框,我该如何实现呢?避免甚至只有一个对话框也将非常有帮助。
This behavior annoys my users, they don't understand about certificates and just want it to be installed automatically without dialogs, how can i achieve this ? avoiding even one dialog would be very helpful.
谢谢
这是根据设计 。允许应用未经用户批准安装证书将打开对在线交易等SSL保护的通信渠道进行中间人攻击的可能性。就是说,该对话框不会告诉您这些内容,并且无论用户说什么,用户都无疑会按OK。
This is "by design". Allowing apps to install certificates without user approval would open up the possibility of man-in-the-middle attacks on SSL-secured communication channels, such as online banking. That said, the dialog tells you none of this and users would undoubtably press OK regardless of what it said.