Package java.security.cert
Provides classes and interfaces for parsing and managing certificates, certificate revocation lists (CRLs), and certification paths.
See: Description
-
Interface Summary Interface Description CertPathBuilderResult A specification of the result of a certification path builder algorithm.CertPathChecker Performs one or more checks on eachCertificate
of aCertPath
.CertPathParameters A specification of certification path algorithm parameters.CertPathValidatorException.Reason The reason the validation algorithm failed.CertPathValidatorResult A specification of the result of a certification path validator algorithm.CertSelector A selector that defines a set of criteria for selectingCertificate
s.CertStoreParameters A specification ofCertStore
parameters.CRLSelector A selector that defines a set of criteria for selectingCRL
s.Extension This interface represents an X.509 extension.PolicyNode An immutable valid policy tree node as defined by the PKIX certification path validation algorithm.X509Extension Interface for an X.509 extension. -
Class Summary Class Description Certificate Abstract class for managing a variety of identity certificates.Certificate.CertificateRep Alternate Certificate class for serialization.CertificateFactory This class defines the functionality of a certificate factory, which is used to generate certificate, certification path (CertPath
) and certificate revocation list (CRL) objects from their encodings.CertificateFactorySpi This class defines the Service Provider Interface (SPI) for theCertificateFactory
class.CertPath An immutable sequence of certificates (a certification path).CertPath.CertPathRep AlternateCertPath
class for serialization.CertPathBuilder A class for building certification paths (also known as certificate chains).CertPathBuilderSpi The Service Provider Interface (SPI) for theCertPathBuilder
class.CertPathValidator A class for validating certification paths (also known as certificate chains).CertPathValidatorSpi The Service Provider Interface (SPI) for theCertPathValidator
class.CertStore A class for retrievingCertificate
s andCRL
s from a repository.CertStoreSpi The Service Provider Interface (SPI) for theCertStore
class.CollectionCertStoreParameters Parameters used as input for the CollectionCertStore
algorithm.CRL This class is an abstraction of certificate revocation lists (CRLs) that have different formats but important common uses.LDAPCertStoreParameters Parameters used as input for the LDAPCertStore
algorithm.PKIXBuilderParameters Parameters used as input for the PKIXCertPathBuilder
algorithm.PKIXCertPathBuilderResult This class represents the successful result of the PKIX certification path builder algorithm.PKIXCertPathChecker An abstract class that performs one or more checks on anX509Certificate
.PKIXCertPathValidatorResult This class represents the successful result of the PKIX certification path validation algorithm.PKIXParameters Parameters used as input for the PKIXCertPathValidator
algorithm.PKIXRevocationChecker APKIXCertPathChecker
for checking the revocation status of certificates with the PKIX algorithm.PolicyQualifierInfo An immutable policy qualifier represented by the ASN.1 PolicyQualifierInfo structure.TrustAnchor A trust anchor or most-trusted Certification Authority (CA).X509Certificate Abstract class for X.509 certificates.X509CertSelector ACertSelector
that selectsX509Certificates
that match all specified criteria.X509CRL Abstract class for an X.509 Certificate Revocation List (CRL).X509CRLEntry Abstract class for a revoked certificate in a CRL (Certificate Revocation List).X509CRLSelector ACRLSelector
that selectsX509CRLs
that match all specified criteria. -
Enum Summary Enum Description CertPathValidatorException.BasicReason The BasicReason enumerates the potential reasons that a certification path of any type may be invalid.CRLReason The CRLReason enumeration specifies the reason that a certificate is revoked, as defined in RFC 3280: Internet X.509 Public Key Infrastructure Certificate and CRL Profile.PKIXReason ThePKIXReason
enumerates the potential PKIX-specific reasons that an X.509 certification path may be invalid according to the PKIX (RFC 3280) standard.PKIXRevocationChecker.Option Various revocation options that can be specified for the revocation checking mechanism. -
Exception Summary Exception Description CertificateEncodingException Certificate Encoding Exception.CertificateException This exception indicates one of a variety of certificate problems.CertificateExpiredException Certificate Expired Exception.CertificateNotYetValidException Certificate is not yet valid exception.CertificateParsingException Certificate Parsing Exception.CertificateRevokedException An exception that indicates an X.509 certificate is revoked.CertPathBuilderException An exception indicating one of a variety of problems encountered when building a certification path with aCertPathBuilder
.CertPathValidatorException An exception indicating one of a variety of problems encountered when validating a certification path.CertStoreException An exception indicating one of a variety of problems retrieving certificates and CRLs from aCertStore
.CRLException CRL (Certificate Revocation List) Exception.
Package java.security.cert Description
Provides classes and interfaces for parsing and managing certificates, certificate revocation lists (CRLs), and certification paths. It contains support for X.509 v3 certificates and X.509 v2 CRLs.
Package Specification
- Java™ Cryptography Architecture (JCA) Reference Guide
- RFC 5280: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile
- RFC 2560: X.509 Internet Public Key Infrastructure Online Certificate Status Protocol - OCSP
- Java™ Cryptography Architecture Standard Algorithm Name Documentation
Related Documentation
For information about X.509 certificates and CRLs, please see:- Since:
- 1.2
Submit a bug or feature
For further API reference and developer documentation, see Java SE Documentation. That documentation contains more detailed, developer-targeted descriptions, with conceptual overviews, definitions of terms, workarounds, and working code examples.
Copyright © 1993, 2022, Oracle and/or its affiliates. All rights reserved. Use is subject to license terms. Also see the documentation redistribution policy.