class to produce an X.509 Version 3 certificate.
addExtension
public void addExtension(String OID,
boolean critical,
byte[] value)
add a given extension field for the standard extensions tag (tag 3)
The value parameter becomes the contents of the octet string associated
with the extension.
addExtension
public void addExtension(String OID,
boolean critical,
DEREncodable value)
add a given extension field for the standard extensions tag (tag 3)
addExtension
public void addExtension(DERObjectIdentifier OID,
boolean critical,
byte[] value)
add a given extension field for the standard extensions tag (tag 3)
addExtension
public void addExtension(DERObjectIdentifier OID,
boolean critical,
DEREncodable value)
add a given extension field for the standard extensions tag (tag 3)
generateX509Certificate
public X509Certificate generateX509Certificate(PrivateKey key)
throws SecurityException,
SignatureException,
InvalidKeyException
generate an X509 certificate, based on the current issuer and subject
using the default provider "BC".
generateX509Certificate
public X509Certificate generateX509Certificate(PrivateKey key,
SecureRandom random)
throws SecurityException,
SignatureException,
InvalidKeyException
generate an X509 certificate, based on the current issuer and subject
using the default provider "BC", and the passed in source of randomness
(if required).
generateX509Certificate
public X509Certificate generateX509Certificate(PrivateKey key,
String provider)
throws NoSuchProviderException,
SecurityException,
SignatureException,
InvalidKeyException
generate an X509 certificate, based on the current issuer and subject,
using the passed in provider for the signing.
generateX509Certificate
public X509Certificate generateX509Certificate(PrivateKey key,
String provider,
SecureRandom random)
throws NoSuchProviderException,
SecurityException,
SignatureException,
InvalidKeyException
generate an X509 certificate, based on the current issuer and subject,
using the passed in provider for the signing and the supplied source
of randomness, if required.
getSignatureAlgNames
public Iterator getSignatureAlgNames()
Return an iterator of the signature names supported by the generator.
- an iterator containing recognised names.
reset
public void reset()
reset the generator
setIssuerDN
public void setIssuerDN(X500Principal issuer)
Set the issuer distinguished name - the issuer is the entity whose private key is used to sign the
certificate.
setIssuerDN
public void setIssuerDN(X509Name issuer)
Set the issuer distinguished name - the issuer is the entity whose private key is used to sign the
certificate.
setNotAfter
public void setNotAfter(Date date)
setNotBefore
public void setNotBefore(Date date)
setPublicKey
public void setPublicKey(PublicKey key)
setSerialNumber
public void setSerialNumber(BigInteger serialNumber)
set the serial number for the certificate.
setSignatureAlgorithm
public void setSignatureAlgorithm(String signatureAlgorithm)
Set the signature algorithm. This can be either a name or an OID, names
are treated as case insensitive.
signatureAlgorithm
- string representation of the algorithm name.
setSubjectDN
public void setSubjectDN(X500Principal subject)
Set the subject distinguished name. The subject describes the entity associated with the public key.
setSubjectDN
public void setSubjectDN(X509Name subject)
Set the subject distinguished name. The subject describes the entity associated with the public key.