Андрей Савушкин
Feb 07, 2018
1:15 pm

Install Certificate return false

where to get the private key?

X509Certificate certC = null;
try {
    certC = X509Certificate.getInstance(new FileInputStream(certFile));
} catch (CertificateException | FileNotFoundException e) {
    e.printStackTrace();
}
EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(UpdateCertificateActivity.this);
ClientCertificateManager clientCertificateManager = ekm.getClientCertificateManagerPolicy();
CertificateProfile certificateProfile = new CertificateProfile();
certificateProfile.allowWiFi = true;
certificateProfile.allowAllPackages = true;
certificateProfile.isCSRResponse = true;
try {
    boolean result = clientCertificateManager.installCertificate(certificateProfile, certC.getEncoded(), null);
    if (result) {
        Log.e("Success", "suc");
    } else {
        Log.e("Error", "err ");
    }
} catch (Exception e) {
    Log.e("Error", "Exception: " + e);
}
Samuel Goldwax
Feb 07, 2018
6:42 pm

Hello,

Could you ensure that the certificateBuffer is being passed a correctly formatted byte[]? As per the API reference, installCertificate requires  the buffer to be in PKCS12 or PEM format.

Thanks,
Sam

Андрей Савушкин
Feb 08, 2018
8:08 am

Do the .cer extension have a PEM format? And has such lines as
----- BEGIN CERTIFICATE -----
----- END CERTIFICATE -----
correctly?

bytes = [B@aac999f

boolean result = clientCertificateManager.installCertificate(certificateProfile, bytes /* [B@aac999f */ , null);
Samuel Goldwax
Feb 22, 2018
6:11 pm

Hello,

That looks to be correctly formatted. Could you try installing the certificate using this sample app and see if it works on your device? Just to confirm that it is not a device-side issue.

Thanks,

Sam