java.lang.Object | |
↳ | java.security.cert.PKIXParameters |
Known Direct Subclasses |
This class implements the parameters for the
PKIX CertPathValidator
.
The parameters must be created with trusted certificate authorities (trust anchors).
Public Constructors | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
Creates a new
PKIXParameters
instance with the specified set of
trusted
certificate authorities.
|
||||||||||
|
Creates a new
PKIXParameters
instance with the trusted
X509Certificate
entries from the specified
KeyStore
.
|
Public Methods | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
Adds the specified
PKIXCertPathChecker
to the list of
certification path checkers.
|
||||||||||
|
Adds a certificate store to the list of certificate stores that are used
to find certificates and CRLs.
|
||||||||||
|
Clones this
PKIXParameters
instance.
|
||||||||||
|
Returns the list of checkers for the certification path.
|
||||||||||
|
Returns the list of certificate stores that are used to find certificates
and CRLs.
|
||||||||||
|
Returns the time for which the validation of the certification path
should be evaluated.
|
||||||||||
|
Returns the list of policies (as OID strings) that would be acceptable
for the purpose of certification path processing.
|
||||||||||
|
Returns whether certificates are rejected that include policy
qualifiers in a certificate policy extension that is marked as critical.
|
||||||||||
|
Returns the name of the signature provider.
|
||||||||||
|
Returns the constraints that are required for the target certificate.
|
||||||||||
|
Returns a unmodifiable set of the
trusted
certificate authorities.
|
||||||||||
|
Returns whether the
any policy OID
will be inhibited if it's
included in a certificate.
|
||||||||||
|
Returns whether an acceptable policy needs to be explicit identified in
every certificate.
|
||||||||||
|
Returns whether policy mapping is inhibited.
|
||||||||||
|
Returns whether the default revocation checking mechanism of the
underlying service provider is used.
|
||||||||||
|
Sets whether the
any policy OID
should be inhibited if it's
included in a certificate.
|
||||||||||
|
Sets the list of checkers for the certification path.
|
||||||||||
|
Set the list of certificate stores that are used to find certificates and
CRLs.
|
||||||||||
|
Sets the time for which the validation of the certification path should be
evaluated.
|
||||||||||
|
Sets whether an an acceptable policy needs to be explicit identified in
every certificate.
|
||||||||||
|
Sets the list of policies (as OID strings) that would be acceptable for
the purpose of certification path processing.
|
||||||||||
|
Sets whether policy mapping is to be inhibited.
|
||||||||||
|
Sets whether certificates should be rejected that include policy
qualifiers in a certificate policy extension that is marked as critical.
|
||||||||||
|
Sets whether the default revocation checking mechanism of the underlying
service provider should be used.
|
||||||||||
|
Sets the name of the preferred signature provider.
|
||||||||||
|
Sets the constraints that are required for the target certificate.
|
||||||||||
|
Sets the set of
trusted
certificate authorities.
|
||||||||||
|
Returns a string representation of this
PKIXParameters
instance.
|
[Expand]
Inherited Methods
|
|||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
From class
java.lang.Object
|
|||||||||||
From interface
java.security.cert.CertPathParameters
|
Creates a new
PKIXParameters
instance with the specified set of
trusted
certificate authorities.
trustAnchors | the trusted CAs. |
---|
InvalidAlgorithmParameterException |
if
trustAnchors
is empty.
|
---|
Creates a new
PKIXParameters
instance with the trusted
X509Certificate
entries from the specified
KeyStore
.
keyStore | the key store containing trusted certificates. |
---|
KeyStoreException |
if the
keyStore
is not initialized.
|
---|---|
InvalidAlgorithmParameterException |
if
keyStore
does not contained any trusted
certificate entry.
|
Adds the specified
PKIXCertPathChecker
to the list of
certification path checkers.
checker |
the
PKIXCertPathChecker
to add, if
null
, it
will be ignored.
|
---|
Adds a certificate store to the list of certificate stores that are used to find certificates and CRLs.
store |
the store to add, if
null
, it will be ignored.
|
---|
Clones this
PKIXParameters
instance.
Returns the list of checkers for the certification path.
The list is unmodifiable and the entries in the list are cloned.
Returns the list of certificate stores that are used to find certificates and CRLs.
Returns the time for which the validation of the certification path should be evaluated.
null
for the current
time.
Returns the list of policies (as OID strings) that would be acceptable for the purpose of certification path processing.
Returns whether certificates are rejected that include policy qualifiers in a certificate policy extension that is marked as critical.
true
if the certificates should be rejected, otherwise
false
.
Returns the name of the signature provider.
null
if none is
set.
Returns the constraints that are required for the target certificate.
null
if
none are set.
Returns a unmodifiable set of the trusted certificate authorities.
Returns whether the any policy OID will be inhibited if it's included in a certificate.
true
if the
any policy OID
will be inhibited,
otherwise
false
.
Returns whether an acceptable policy needs to be explicit identified in every certificate.
true
if an explicit policy is required, otherwise
false
.
Returns whether policy mapping is inhibited.
true
if policy mapping is inhibited, otherwise
false
.
Returns whether the default revocation checking mechanism of the underlying service provider is used.
true
if the default revocation checking mechanism is
used, otherwise
false
.
Sets whether the any policy OID should be inhibited if it's included in a certificate.
anyPolicyInhibited |
true
if the
any policy OID
should be inhibited,
otherwise
false
.
|
---|
Sets the list of checkers for the certification path.
The list is copied and the entries are cloned.
certPathCheckers |
the list of checkers for the certification path, or
null
to clear the checkers.
|
---|
Set the list of certificate stores that are used to find certificates and CRLs.
certStores | the list of certificate stores. |
---|
Sets the time for which the validation of the certification path should be evaluated.
date |
the time for the validation, or
null
for the current
time.
|
---|
Sets whether an an acceptable policy needs to be explicit identified in every certificate.
explicitPolicyRequired |
true
if an explicit policy is required, otherwise
false
.
|
---|
Sets the list of policies (as OID strings) that would be acceptable for the purpose of certification path processing.
initialPolicies |
the list of policies, or an empty set or
null
if any
policy is acceptable.
|
---|
Sets whether policy mapping is to be inhibited.
policyMappingInhibited |
true
if policy mapping is to be inhibited, otherwise
false
.
|
---|
Sets whether certificates should be rejected that include policy qualifiers in a certificate policy extension that is marked as critical.
policyQualifiersRejected |
true
if the certificates should be rejected, otherwise
false
.
|
---|
Sets whether the default revocation checking mechanism of the underlying service provider should be used.
revocationEnabled |
true
id the default revocation checking mechanism
should be used, otherwise
false
.
|
---|
Sets the name of the preferred signature provider.
If set, the specified provider will be preferred for creating signatures. If not set, the first provider found supporting creation of signatures will be used.
sigProvider |
the name of the preferred signature provider, or
null
if none is preferred.
|
---|
Sets the constraints that are required for the target certificate.
targetCertConstraints |
the constraints for the target certificate, or
null
if
none should be used.
|
---|
Sets the set of trusted certificate authorities.
trustAnchors | the set of trusted certificate authorities. |
---|
InvalidAlgorithmParameterException |
if
trustAnchors
is empty.
|
---|
Returns a string representation of this
PKIXParameters
instance.
PKIXParameters
instance.