首先鸣谢OPEN AI

拉取证书

adb pull /system/etc/security/cacerts/ C:\Users\29676\Desktop\charles\old

系统所有证书被拉取到本地

C:\Users\29676\Desktop\charles\old\cacerts
λ ls
00673b5b.0  31188b5e.0  5a250ea7.0  87753b0d.0  aeb67534.0  d4c339cb.0
02756ea4.0  343eb6cb.0  5a3f0ff8.0  882de061.0  b0ed035a.0  d59297b8.0
04f60c28.0  35105088.0  5cf9d536.0  89c02a45.0  b0f3e76e.0  d66b55d9.0
0d5a4e1c.0  3929ec9f.0  5e4e69e7.0  8d6437c3.0  b3fb433b.0  d6e6eab9.0
0d69c7e1.0  399e7759.0  5f47b495.0  91739615.0  b7db1890.0  d7746a63.0
10531352.0  3a3b02ce.0  60afe812.0  9282e51c.0  b872f2b4.0  d8317ada.0
111e6273.0  3ad48a91.0  6187b673.0  9339512a.0  b936d1c6.0  dbc54cab.0
12d55845.0  3c58f906.0  63a2c897.0  9479c8c3.0  bc3f2570.0  dc99f41e.0
17b51fe6.0  3c6676aa.0  67495436.0  9576d26b.0  bdacca6f.0  dfc0fe80.0
1dac3003.0  3c860d51.0  69105f4f.0  95aff9e3.0  bf64f35b.0  e442e424.0
1dcd6f4c.0  3c9a4d3b.0  6e8bf996.0  9685a493.0  c491639e.0  e48193cf.0
1df5a75f.0  3d441de8.0  6fcc125d.0  9772ca32.0  c51c224c.0  e5c3944b.0
1e1eab7c.0  3e7271e8.0  75680d2e.0  9c3323d4.0  c7e2a638.0  e775ed2d.0
1e8e7201.0  40dc992e.0  76579174.0  9d6523ce.0  c907e29b.0  e8651083.0
1eb37bdf.0  418595b9.0  7672ac4b.0  9dbefe7b.0  c90bc37d.0  ea169617.0
1f58a078.0  455f1b52.0  7999be0d.0  9f533518.0  cb156124.0  ed39abd0.0
21855f49.0  48a195d8.0  7a7c655d.0  a0bc6fbb.0  cb1c3204.0  ee7cd6fb.0
219d9499.0  4be590e0.0  7a819ef2.0  a2c66da8.0  ccc52f49.0  f227f868.0
23f4c490.0  4e18c148.0  7d453d8f.0  a3896b44.0  cf701eeb.0  facacbc6.0
27af790d.0  5046c355.0  81b9768f.0  a7605362.0  d06393bb.0  fb5fa911.0
2add47b6.0  524d9b43.0  82223c44.0  a7d2cf64.0  d16a5865.0  fd08c599.0
2d9dafe4.0  52b525c7.0  85cde254.0  a81e292b.0  d18e9066.0  fde84897.0
2fa87019.0  559f7c71.0  86212b19.0  ab5346f4.0  d41b5e2a.0

java脚本

我随意放到了我自己的一个学习的项目里,大家配置一下路径就可以使用了,系统证书一般都是pem格式的。可以直接使用我的脚本

package com.cf.sqlTest.api.controller;

import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.text.SimpleDateFormat;
import java.util.Date;

public class ExpiredCertificates {

    public static void main(String[] args) {
        String certsDirectory = "C:\\Users\\29676\\Desktop\\charles\\old\\cacerts";

        File directory = new File(certsDirectory);
        File[] certFiles = directory.listFiles();

        if (certFiles != null) {
            for (File certFile : certFiles) {
                if (certFile.isFile() && certFile.getName().endsWith(".0")) {
                    try {
                        FileInputStream fis = new FileInputStream(certFile);
                        CertificateFactory cf = CertificateFactory.getInstance("X.509");
                        Certificate cert = cf.generateCertificate(fis);
                        fis.close();

                        if (cert instanceof X509Certificate) {
                            X509Certificate x509Cert = (X509Certificate) cert;
                            Date notAfter = x509Cert.getNotAfter();

                            if (notAfter.before(new Date())) {
                                SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd");
                                String expiryDate = dateFormat.format(notAfter);

                                System.out.println("文件名: " + certFile.getName());
                                System.out.println("过期时间: " + expiryDate);
//                                System.out.println("证书信息: " + x509Cert.toString());
                                String issuer = x509Cert.getIssuerDN().getName();
                                String subject = x509Cert.getSubjectDN().getName();

                                System.out.println("颁发者: " + issuer);
                                System.out.println("主题: " + subject);
                                System.out.println("-------------------------------------------");
                            }
                        }
                    } catch (Exception e) {
                        e.printStackTrace();
                    }
                }
            }
        }
    }
}

输出

文件名: d66b55d9.0
过期时间: 2017-12-23
颁发者: O=TÜRKTRUST Bilgi İletişim ve Bilişim Güvenliği Hizmetleri A.Ş. (c) Aralık 2007, L=Ankara, C=TR, CN=TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı
主题: O=TÜRKTRUST Bilgi İletişim ve Bilişim Güvenliği Hizmetleri A.Ş. (c) Aralık 2007, L=Ankara, C=TR, CN=TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı
-------------------------------------------
文件名: f227f868.0
过期时间: 2023-03-26
颁发者: C=NZ, ST=Auckland, L=Auckland, O=XK72 Ltd, OU=https://charlesproxy.com/ssl, CN="Charles Proxy CA (27 Mar 2022, XIAOSHENG)"
主题: C=NZ, ST=Auckland, L=Auckland, O=XK72 Ltd, OU=https://charlesproxy.com/ssl, CN="Charles Proxy CA (27 Mar 2022, XIAOSHENG)"
-------------------------------------------

然后就找到了过期的证书

进入系统证书文件夹

adb shell
su
cd /system/etc/security/cacerts
rm -r f227f868.0

0 条评论

发表评论

Avatar placeholder

您的电子邮箱地址不会被公开。 必填项已用*标注

站点统计

  • 文章总数:304 篇
  • 分类总数:19 个
  • 标签总数:189 个
  • 运行天数:864 天
  • 访问总数:475102 人次
ICP备案号: 辽ICP备20003309号