Package javax.security.cert

Class X509Certificate

java.lang.Object
javax.security.cert.Certificate
javax.security.cert.X509Certificate
public abstract class X509Certificate
extends Certificate
Abstract base class for X.509 certificates.

This represents a standard way for accessing the attributes of X.509 v1 certificates.

Note: This package is provided only for compatibility reasons. It contains a simplified version of the java.security.cert package that was previously used by JSSE (Java SSL package). All applications that do not have to be compatible with older versions of JSSE (that is before Java SDK 1.5) should only use java.security.cert.

  • Constructor Details

    • X509Certificate

      public X509Certificate()
      Creates a new X509Certificate.

  • Method Details

    • getInstance

      public static final X509Certificate getInstance​(InputStream inStream) throws CertificateException
      Creates a new X509Certificate and initializes it from the specified input stream.
      Parameters:
      inStream - input stream containing data to initialize the certificate.
      Returns:
      the certificate initialized from the specified input stream
      Throws:
      CertificateException - if the certificate cannot be created or initialized.

    • getInstance

      public static final X509Certificate getInstance​(byte[] certData) throws CertificateException
      Creates a new X509Certificate and initializes it from the specified byte array.
      Parameters:
      certData - byte array containing data to initialize the certificate.
      Returns:
      the certificate initialized from the specified byte array
      Throws:
      CertificateException - if the certificate cannot be created or initialized.

    • checkValidity

      public abstract void checkValidity() throws CertificateExpiredException, CertificateNotYetValidException
      Checks whether the certificate is currently valid.

      The validity defined in ASN.1: 

       validity             Validity

 Validity ::= SEQUENCE {
      notBefore       CertificateValidityDate,
      notAfter        CertificateValidityDate }

 CertificateValidityDate ::= CHOICE {
      utcTime         UTCTime,
      generalTime     GeneralizedTime }
      Throws:
      CertificateExpiredException - if the certificate has expired.
      CertificateNotYetValidException - if the certificate is not yet valid.

    • checkValidity

      public abstract void checkValidity​(Date date) throws CertificateExpiredException, CertificateNotYetValidException
      Checks whether the certificate is valid at the specified date.
      Parameters:
      date - the date to check the validity against.
      Throws:
      CertificateExpiredException - if the certificate has expired.
      CertificateNotYetValidException - if the certificate is not yet valid.
      See Also:
      checkValidity()

    • getVersion

      public abstract int getVersion()
      Returns the certificates version (version number).

      The version defined is ASN.1: 

       Version ::=  INTEGER  {  v1(0), v2(1), v3(2)  }
      Returns:
      the version number.

    • getSerialNumber

      public abstract BigInteger getSerialNumber()
      Returns the serialNumber of the certificate.

      The ASN.1 definition of serialNumber: 

       CertificateSerialNumber  ::=  INTEGER
      Returns:
      the serial number.

    • getIssuerDN

      public abstract Principal getIssuerDN()
      Returns the issuer (issuer distinguished name) as an implementation specific Principal object.

      The ASN.1 definition of issuer: 

        issuer      Name

  Name ::= CHOICE {
      RDNSequence }

    RDNSequence ::= SEQUENCE OF RelativeDistinguishedName

    RelativeDistinguishedName ::= SET OF AttributeTypeAndValue

    AttributeTypeAndValue ::= SEQUENCE {
      type     AttributeType,
      value    AttributeValue }

    AttributeType ::= OBJECT IDENTIFIER

    AttributeValue ::= ANY DEFINED BY AttributeType
      Returns:
      the issuer as an implementation specific Principal.

    • getSubjectDN

      public abstract Principal getSubjectDN()
      Returns the subject (subject distinguished name) as an implementation specific Principal object.

      The ASN.1 definition of subject: 

       subject      Name

  Name ::= CHOICE {
      RDNSequence }

    RDNSequence ::= SEQUENCE OF RelativeDistinguishedName

    RelativeDistinguishedName ::= SET OF AttributeTypeAndValue

    AttributeTypeAndValue ::= SEQUENCE {
      type     AttributeType,
      value    AttributeValue }

    AttributeType ::= OBJECT IDENTIFIER

    AttributeValue ::= ANY DEFINED BY AttributeType
      Returns:
      the subject (subject distinguished name).

    • getNotBefore

      public abstract Date getNotBefore()
      Returns the notBefore date from the validity period of the certificate.
      Returns:
      the start of the validity period.

    • getNotAfter

      public abstract Date getNotAfter()
      Returns the notAfter date of the validity period of the certificate.
      Returns:
      the end of the validity period.

    • getSigAlgName

      public abstract String getSigAlgName()
      Returns the name of the algorithm for the certificate signature.
      Returns:
      the signature algorithm name.

    • getSigAlgOID

      public abstract String getSigAlgOID()
      Returns the OID of the signature algorithm from the certificate.
      Returns:
      the OID of the signature algorithm.

    • getSigAlgParams

      public abstract byte[] getSigAlgParams()
      Returns the parameters of the signature algorithm in DER-encoded format.
      Returns:
      the parameters of the signature algorithm, or null if none are used.