Module java.base
Package java.security.cert
package java.security.cert
Provides classes and interfaces for parsing and managing
certificates, certificate revocation lists (CRLs), and
certification paths. It contains support for X.509 v3
certificates and X.509 v2 CRLs.
Package Specification
- Java Cryptography Architecture (JCA) Reference Guide
- RFC 5280: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile
- RFC 2560: X.509 Internet Public Key Infrastructure Online Certificate Status Protocol - OCSP
- Java Security Standard Algorithm Names Specification
Related Documentation
For information about X.509 certificates and CRLs, please see:- Since:
- 1.2
-
ClassDescriptionAbstract class for managing a variety of identity certificates.Alternate Certificate class for serialization.Certificate Encoding Exception.This exception indicates one of a variety of certificate problems.Certificate Expired Exception.This class defines the functionality of a certificate factory, which is used to generate certificate, certification path (
CertPath
) and certificate revocation list (CRL) objects from their encodings.This class defines the Service Provider Interface (SPI) for theCertificateFactory
class.Certificate is not yet valid exception.Certificate Parsing Exception.An exception that indicates an X.509 certificate is revoked.An immutable sequence of certificates (a certification path).AlternateCertPath
class for serialization.A class for building certification paths (also known as certificate chains).An exception indicating one of a variety of problems encountered when building a certification path with aCertPathBuilder
.A specification of the result of a certification path builder algorithm.The Service Provider Interface (SPI) for theCertPathBuilder
class.Performs one or more checks on eachCertificate
of aCertPath
.A specification of certification path algorithm parameters.A class for validating certification paths (also known as certificate chains).An exception indicating one of a variety of problems encountered when validating a certification path.The BasicReason enumerates the potential reasons that a certification path of any type may be invalid.The reason the validation algorithm failed.A specification of the result of a certification path validator algorithm.The Service Provider Interface (SPI) for theCertPathValidator
class.A selector that defines a set of criteria for selectingCertificate
s.A class for retrievingCertificate
s andCRL
s from a repository.An exception indicating one of a variety of problems retrieving certificates and CRLs from aCertStore
.A specification ofCertStore
parameters.The Service Provider Interface (SPI) for theCertStore
class.Parameters used as input for the CollectionCertStore
algorithm.This class is an abstraction of certificate revocation lists (CRLs) that have different formats but important common uses.CRL (Certificate Revocation List) Exception.The CRLReason enumeration specifies the reason that a certificate is revoked, as defined in RFC 5280: Internet X.509 Public Key Infrastructure Certificate and CRL Profile.A selector that defines a set of criteria for selectingCRL
s.This interface represents an X.509 extension.Parameters used as input for the LDAPCertStore
algorithm.Parameters used as input for the PKIXCertPathBuilder
algorithm.This class represents the successful result of the PKIX certification path builder algorithm.An abstract class that performs one or more checks on anX509Certificate
.This class represents the successful result of the PKIX certification path validation algorithm.Parameters used as input for the PKIXCertPathValidator
algorithm.ThePKIXReason
enumerates the potential PKIX-specific reasons that an X.509 certification path may be invalid according to the PKIX (RFC 5280) standard.APKIXCertPathChecker
for checking the revocation status of certificates with the PKIX algorithm.Various revocation options that can be specified for the revocation checking mechanism.An immutable valid policy tree node as defined by the PKIX certification path validation algorithm.An immutable policy qualifier represented by the ASN.1 PolicyQualifierInfo structure.A trust anchor or most-trusted Certification Authority (CA).Parameters used as input forCertStore
algorithms which use information contained in a URI to retrieve certificates and CRLs.Abstract class for X.509 certificates.ACertSelector
that selectsX509Certificates
that match all specified criteria.Abstract class for an X.509 Certificate Revocation List (CRL).Abstract class for a revoked certificate in a CRL (Certificate Revocation List).ACRLSelector
that selectsX509CRLs
that match all specified criteria.Interface for an X.509 extension.