Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit a65707d3 authored by Alex Klyubin's avatar Alex Klyubin
Browse files

Clarify how to replace cert generated by Android Keystore. 

This updates Android Keystore developer documentation to clarify how
to replace the self-signed certificate create by Android Keystore when
it generates a new key pair. Some developers are attempting to use
KeyStore.setCertificateEntry which is the wrong method for this. The
correct method is KeyStore.setKeyEntry.

Bug: 28152878
Change-Id: I306447b7792ecad5fbb49bd691a57bedb5207003
parent e502345d

docs/html/training/articles/keystore.jd

+4 −2
Original line number Diff line number Diff line
@@ -152,8 +152,10 @@ and {@link java.security.KeyPairGenerator} or 


<p>Generating a new {@link java.security.PrivateKey} requires that

  you also specify the initial X.509 attributes that the self-signed

  certificate will have. You can replace the certificate at a later

  time with a certificate signed by a Certificate Authority.</p>

  certificate will have. You can use

  {@link java.security.KeyStore#setKeyEntry(String, java.security.Key, char[], java.security.cert.Certificate[]) KeyStore.setKeyEntry}

  to replace the certificate at a later time with a certificate signed

  by a Certificate Authority (CA).</p>



<p>To generate the key, use a {@link java.security.KeyPairGenerator}

  with {@link android.security.KeyPairGeneratorSpec}:</p>