生成anroid系统数字证书

生成系统数字证书 

使用方法： 
The filenames in the cacerts directory are in the format of . 
where "hash" is the subject hash produced by: 

    openssl x509 -subject_hash -in filename 
and the "n" is a unique integer identifier starting at 0 to deal 
with collisions. See OpenSSL's c_rehash manpage for details. 

生成hash数字命令： 
# openssl x509 -subject_hash -in screeneo_int_ca.crt  
1111f51f 
-----BEGIN CERTIFICATE----- 
MIIDezCCAmOgAwIBAgIJAJe1oJAy2pymMA0GCSqGSIb3DQEBBQUAMFQxCzAJBgNV 
BAYTAkZSMREwDwYDVQQKDAhTYWdlbWNvbTEYMBYGA1UECwwPU2FnZW1jb20gUmV0 
YWlsMRgwFgYDVQQDDA9TQ1JFRU5FT19JTlQgQ0EwHhcNMTQxMDIyMTQyNDMwWhcN 
MzQxMDE3MTQyNDMwWjBUMQswCQYDVQQGEwJGUjERMA8GA1UECgwIU2FnZW1jb20x 
GDAWBgNVBAsMD1NhZ2VtY29tIFJldGFpbDEYMBYGA1UEAwwPU0NSRUVORU9fSU5U 
IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0apqVFQHPVLLWL5L 
f2qPBldLWPjKDxvnpjiGlLc6LVwBran3xdM3i/nPDDNG2GBmv7WjTol9DPMupoN5 
cMhN4+6hfe7vE1DlB1qhgj/bpBD43FkQjvmO8QYjcXLvv09/B3uta/JdEAQly07Z 
Qp4rUhNT0pHhcIMe2Cf+0XWhKQdOKS0DrqtTrEp3mtXrqCKOllhCU9jhugaMerRb 
R/wkTBJHoLbRTDtcp3rKMjVxWOlB1QrnCruz8YMPFzrtq/pef/m85Xk9sMDRZbHM 
2osqLwvOsMILrDIoRrztRboa9R6TzKmmna7iiyWOOZOp9Z2pnEuIt1gSwYiqv070 
rrVd7QIDAQABo1AwTjAdBgNVHQ4EFgQUNsm2/0Sv2phzg7zzKyKVusk8/0MwHwYD 
VR0jBBgwFoAUNsm2/0Sv2phzg7zzKyKVusk8/0MwDAYDVR0TBAUwAwEB/zANBgkq 
hkiG9w0BAQUFAAOCAQEApG7zkmqp+4AJcnPyMUoLQbyhlUlnkwRam7OhxaNoLDXs 
TVPJjICurntOQfLcUPvoh+Pc3d42rKo7TM/wGgc1kHAv0TSrc25rH2tUeaEiF2zZ 
hrZ7u3kiS7Bgph1g1Xt+zhDi00FwMn307LL5Q6Z0UmdGkJJHvZcLM9kRpD47TBkE 
CTwaBluEjXuTS3R5XaRLmBdmXfyJUj59KFaHjP+NhegDclpKmWWXzc3W9fMkIOFi 
57UjOHwYWZ9ZZIccGZpnYMsucXtJAGfLloZHJ/ZUP3E5xmt5xMEGv9ZVXLXOcTJj 
BvhJ/P81UZbR1euZUHkfBvbDh9wFeoknTDvm65zK3w== 

2）crt文件重命名 
Base64文本格式的根证书文件screeneo_int_ca.crt 重命名为1111f51f.0复制到/libcore/luni/src/main/files/cacerts目录下面 



3)编译，生成系统，将1111f51f.0将会被添加到系统根证书中。在out目录下面将会看到 
   /system/etc/security/cacerts文件夹里有新的证书。 

4）验证 
   到设置(Settings) – 安全(Security) – 受信任的凭据(Trusted credentials)里面，此时你要安装的根证书应该会显示已经安装好了。这样安装之后根证书是作为系统证书使用的。