Please note that the contents of this offline web site may be out of date. To access the most recent documentation visit the online version .
Note that links that point to online resources are green in color and will open in a new window.
We would love it if you could give us feedback about this material by filling this form (You have to be online to fill it)

Summary: Ctors | Methods | Inherited Methods | [Expand All]

Added in API level 1

public class

PKIXParameters

extends Object
implements CertPathParameters

java.lang.Object
↳	java.security.cert.PKIXParameters

Known Direct Subclasses

PKIXBuilderParameters

Class Overview

This class implements the parameters for the PKIX CertPathValidator .

The parameters must be created with trusted certificate authorities (trust anchors).

Summary

Public Constructors
	)">PKIXParameters ( Set < TrustAnchor > trustAnchors) Creates a new `PKIXParameters` instance with the specified set of trusted certificate authorities.
	PKIXParameters ( KeyStore keyStore) Creates a new `PKIXParameters` instance with the trusted `X509Certificate` entries from the specified `KeyStore` .

Public Methods
void	addCertPathChecker ( PKIXCertPathChecker checker) Adds the specified `PKIXCertPathChecker` to the list of certification path checkers.
void	addCertStore ( CertStore store) Adds a certificate store to the list of certificate stores that are used to find certificates and CRLs.
Object	clone () Clones this `PKIXParameters` instance.
List < PKIXCertPathChecker >	getCertPathCheckers () Returns the list of checkers for the certification path.
List < CertStore >	getCertStores () Returns the list of certificate stores that are used to find certificates and CRLs.
Date	getDate () Returns the time for which the validation of the certification path should be evaluated.
Set < String >	getInitialPolicies () Returns the list of policies (as OID strings) that would be acceptable for the purpose of certification path processing.
boolean	getPolicyQualifiersRejected () Returns whether certificates are rejected that include policy qualifiers in a certificate policy extension that is marked as critical.
String	getSigProvider () Returns the name of the signature provider.
CertSelector	getTargetCertConstraints () Returns the constraints that are required for the target certificate.
Set < TrustAnchor >	getTrustAnchors () Returns a unmodifiable set of the trusted certificate authorities.
boolean	isAnyPolicyInhibited () Returns whether the any policy OID will be inhibited if it's included in a certificate.
boolean	isExplicitPolicyRequired () Returns whether an acceptable policy needs to be explicit identified in every certificate.
boolean	isPolicyMappingInhibited () Returns whether policy mapping is inhibited.
boolean	isRevocationEnabled () Returns whether the default revocation checking mechanism of the underlying service provider is used.
void	setAnyPolicyInhibited (boolean anyPolicyInhibited) Sets whether the any policy OID should be inhibited if it's included in a certificate.
void	)">setCertPathCheckers ( List < PKIXCertPathChecker > certPathCheckers) Sets the list of checkers for the certification path.
void	)">setCertStores ( List < CertStore > certStores) Set the list of certificate stores that are used to find certificates and CRLs.
void	setDate ( Date date) Sets the time for which the validation of the certification path should be evaluated.
void	setExplicitPolicyRequired (boolean explicitPolicyRequired) Sets whether an an acceptable policy needs to be explicit identified in every certificate.
void	)">setInitialPolicies ( Set < String > initialPolicies) Sets the list of policies (as OID strings) that would be acceptable for the purpose of certification path processing.
void	setPolicyMappingInhibited (boolean policyMappingInhibited) Sets whether policy mapping is to be inhibited.
void	setPolicyQualifiersRejected (boolean policyQualifiersRejected) Sets whether certificates should be rejected that include policy qualifiers in a certificate policy extension that is marked as critical.
void	setRevocationEnabled (boolean revocationEnabled) Sets whether the default revocation checking mechanism of the underlying service provider should be used.
void	setSigProvider ( String sigProvider) Sets the name of the preferred signature provider.
void	setTargetCertConstraints ( CertSelector targetCertConstraints) Sets the constraints that are required for the target certificate.
void	)">setTrustAnchors ( Set < TrustAnchor > trustAnchors) Sets the set of trusted certificate authorities.
String	toString () Returns a string representation of this `PKIXParameters` instance.

[Expand]

Inherited Methods

From class java.lang.Object

Object	clone () Creates and returns a copy of this `Object` .
boolean	equals ( Object o) Compares this instance with the specified object and indicates if they are equal.
void	finalize () Invoked when the garbage collector has detected that this instance is no longer reachable.
final Class <?>	getClass () Returns the unique instance of `Class` that represents this object's class.
int	hashCode () Returns an integer hash code for this object.
final void	notify () Causes a thread which is waiting on this object's monitor (by means of calling one of the `wait()` methods) to be woken up.
final void	notifyAll () Causes all threads which are waiting on this object's monitor (by means of calling one of the `wait()` methods) to be woken up.
String	toString () Returns a string containing a concise, human-readable description of this object.
final void	wait () Causes the calling thread to wait until another thread calls the `notify()` or `notifyAll()` method of this object.
final void	wait (long millis, int nanos) Causes the calling thread to wait until another thread calls the `notify()` or `notifyAll()` method of this object or until the specified timeout expires.
final void	wait (long millis) Causes the calling thread to wait until another thread calls the `notify()` or `notifyAll()` method of this object or until the specified timeout expires.

From interface java.security.cert.CertPathParameters

Public Constructors

)">

public PKIXParameters ( Set < TrustAnchor > trustAnchors)

Added in API level 1

Creates a new PKIXParameters instance with the specified set of trusted certificate authorities.

Parameters

trustAnchors	the trusted CAs.

Throws

InvalidAlgorithmParameterException	if `trustAnchors` is empty.

public PKIXParameters ( KeyStore keyStore)

Added in API level 1

Creates a new PKIXParameters instance with the trusted X509Certificate entries from the specified KeyStore .

Parameters

keyStore	the key store containing trusted certificates.

Throws

KeyStoreException	if the `keyStore` is not initialized.
InvalidAlgorithmParameterException	if `keyStore` does not contained any trusted certificate entry.

Public Methods

public void addCertPathChecker ( PKIXCertPathChecker checker)

Added in API level 1

Adds the specified PKIXCertPathChecker to the list of certification path checkers.

Parameters

checker	the `PKIXCertPathChecker` to add, if `null` , it will be ignored.

public void addCertStore ( CertStore store)

Added in API level 1

Adds a certificate store to the list of certificate stores that are used to find certificates and CRLs.

Parameters

store	the store to add, if `null` , it will be ignored.

public Object clone ()

Added in API level 1

Clones this PKIXParameters instance.

Returns

the cloned instance.

public List < PKIXCertPathChecker > getCertPathCheckers ()

Added in API level 1

Returns the list of checkers for the certification path.

The list is unmodifiable and the entries in the list are cloned.

Returns

the list of checkers for the certification path.

public List < CertStore > getCertStores ()

Added in API level 1

Returns the list of certificate stores that are used to find certificates and CRLs.

Returns

an immutable list of certificate stores.

public Date getDate ()

Added in API level 1

Returns the time for which the validation of the certification path should be evaluated.

Returns

the time for the validation, or null for the current time.

public Set < String > getInitialPolicies ()

Added in API level 1

Returns the list of policies (as OID strings) that would be acceptable for the purpose of certification path processing.

Returns

the unmodifiable list of policies, or an empty set if any policy is acceptable.

public boolean getPolicyQualifiersRejected ()

Added in API level 1

Returns whether certificates are rejected that include policy qualifiers in a certificate policy extension that is marked as critical.

Returns

true if the certificates should be rejected, otherwise false .

public String getSigProvider ()

Added in API level 1

Returns the name of the signature provider.

Returns

the name of the signature provider, or null if none is set.

public CertSelector getTargetCertConstraints ()

Added in API level 1

Returns the constraints that are required for the target certificate.

Returns

the constraints for the target certificate, or null if none are set.

public Set < TrustAnchor > getTrustAnchors ()

Added in API level 1

Returns a unmodifiable set of the trusted certificate authorities.

Returns

a unmodifiable set of the trusted certificate authorities.

public boolean isAnyPolicyInhibited ()

Added in API level 1

Returns whether the any policy OID will be inhibited if it's included in a certificate.

Returns

true if the any policy OID will be inhibited, otherwise false .

public boolean isExplicitPolicyRequired ()

Added in API level 1

Returns whether an acceptable policy needs to be explicit identified in every certificate.

Returns

true if an explicit policy is required, otherwise false .

public boolean isPolicyMappingInhibited ()

Added in API level 1

Returns whether policy mapping is inhibited.

Returns

true if policy mapping is inhibited, otherwise false .

public boolean isRevocationEnabled ()

Added in API level 1

Returns whether the default revocation checking mechanism of the underlying service provider is used.

Returns

true if the default revocation checking mechanism is used, otherwise false .

public void setAnyPolicyInhibited (boolean anyPolicyInhibited)

Added in API level 1

Sets whether the any policy OID should be inhibited if it's included in a certificate.

Parameters

anyPolicyInhibited	`true` if the any policy OID should be inhibited, otherwise `false` .

)">

public void setCertPathCheckers ( List < PKIXCertPathChecker > certPathCheckers)

Added in API level 1

Sets the list of checkers for the certification path.

The list is copied and the entries are cloned.

Parameters

certPathCheckers	the list of checkers for the certification path, or `null` to clear the checkers.

)">

public void setCertStores ( List < CertStore > certStores)

Added in API level 1

Set the list of certificate stores that are used to find certificates and CRLs.

Parameters

certStores	the list of certificate stores.

public void setDate ( Date date)

Added in API level 1

Sets the time for which the validation of the certification path should be evaluated.

Parameters

date	the time for the validation, or `null` for the current time.

public void setExplicitPolicyRequired (boolean explicitPolicyRequired)

Added in API level 1

Sets whether an an acceptable policy needs to be explicit identified in every certificate.

Parameters

explicitPolicyRequired	`true` if an explicit policy is required, otherwise `false` .

)">

public void setInitialPolicies ( Set < String > initialPolicies)

Added in API level 1

Sets the list of policies (as OID strings) that would be acceptable for the purpose of certification path processing.

Parameters

initialPolicies	the list of policies, or an empty set or `null` if any policy is acceptable.

public void setPolicyMappingInhibited (boolean policyMappingInhibited)

Added in API level 1

Sets whether policy mapping is to be inhibited.

Parameters

policyMappingInhibited	`true` if policy mapping is to be inhibited, otherwise `false` .

public void setPolicyQualifiersRejected (boolean policyQualifiersRejected)

Added in API level 1

Sets whether certificates should be rejected that include policy qualifiers in a certificate policy extension that is marked as critical.

Parameters

policyQualifiersRejected	`true` if the certificates should be rejected, otherwise `false` .

public void setRevocationEnabled (boolean revocationEnabled)

Added in API level 1

Sets whether the default revocation checking mechanism of the underlying service provider should be used.

Parameters

revocationEnabled	`true` id the default revocation checking mechanism should be used, otherwise `false` .

public void setSigProvider ( String sigProvider)

Added in API level 1

Sets the name of the preferred signature provider.

If set, the specified provider will be preferred for creating signatures. If not set, the first provider found supporting creation of signatures will be used.

Parameters

sigProvider	the name of the preferred signature provider, or `null` if none is preferred.

public void setTargetCertConstraints ( CertSelector targetCertConstraints)

Added in API level 1

Sets the constraints that are required for the target certificate.

Parameters

targetCertConstraints	the constraints for the target certificate, or `null` if none should be used.

)">

public void setTrustAnchors ( Set < TrustAnchor > trustAnchors)

Added in API level 1

Sets the set of trusted certificate authorities.

Parameters

trustAnchors	the set of trusted certificate authorities.

Throws

InvalidAlgorithmParameterException	if `trustAnchors` is empty.

public String toString ()

Added in API level 1

Returns a string representation of this PKIXParameters instance.

Returns

a string representation of this PKIXParameters instance.

Results

Interfaces

Classes

Exceptions

PKIXParameters

Class Overview

See Also

Summary

Public Constructors

public PKIXParameters ( Set < TrustAnchor > trustAnchors)

Parameters

Throws

public PKIXParameters ( KeyStore keyStore)

Parameters

Throws

Public Methods

public void addCertPathChecker ( PKIXCertPathChecker checker)

Parameters

public void addCertStore ( CertStore store)

Parameters

public Object clone ()

Returns

public List < PKIXCertPathChecker > getCertPathCheckers ()

Returns

public List < CertStore > getCertStores ()

Returns

public Date getDate ()

Returns

public Set < String > getInitialPolicies ()

Returns

public boolean getPolicyQualifiersRejected ()

Returns

public String getSigProvider ()

Returns

public CertSelector getTargetCertConstraints ()

Returns

public Set < TrustAnchor > getTrustAnchors ()

Returns

public boolean isAnyPolicyInhibited ()

Returns

public boolean isExplicitPolicyRequired ()

Returns

public boolean isPolicyMappingInhibited ()

Returns

public boolean isRevocationEnabled ()

Returns

public void setAnyPolicyInhibited (boolean anyPolicyInhibited)

Parameters

public void setCertPathCheckers ( List < PKIXCertPathChecker > certPathCheckers)

Parameters

public void setCertStores ( List < CertStore > certStores)

Parameters

public void setDate ( Date date)

Parameters

public void setExplicitPolicyRequired (boolean explicitPolicyRequired)

Parameters

public void setInitialPolicies ( Set < String > initialPolicies)

Parameters

public void setPolicyMappingInhibited (boolean policyMappingInhibited)

Parameters

public void setPolicyQualifiersRejected (boolean policyQualifiersRejected)

Parameters

public void setRevocationEnabled (boolean revocationEnabled)

Parameters

public void setSigProvider ( String sigProvider)

Parameters

public void setTargetCertConstraints ( CertSelector targetCertConstraints)

Parameters

public void setTrustAnchors ( Set < TrustAnchor > trustAnchors)

Parameters

Throws

public String toString ()

Returns