Name
Certificate
Synopsis
This abstract class represents an
public-key (or identity) certificate. A
certificate is an object that contains the name
of an entity and a public key for that entity. Certificates are
issued by, and bear the digital signature of, a (presumably trusted)
third party, typically a
certificate authority
(CA). By issuing and signing the certificate, the CA is certifying
that, based on their research, the entity named on the certificate
really is who they say they are and that the public key in the
certificate really does belong to that entity. Sometimes the signer
of a certificate is not a trusted CA, and the certificate is
accompanied by the signer’s certificate which may be
signed by a CA, or by another untrusted intermediary who provides his
or her own certificate. A “chain”
of such certificates is known as a “certification
path”. See CertPath for further
details.
Use a
CertificateFactory to parse a stream of bytes into
a Certificate object; getEncoded(
) reverses this process. Use verify( )
to verify the digital signature of the entity that issued the
certificate. If the signature cannot be verified, the certificate
should not be trusted. Call getPublicKey( ) to
obtain the java.security.PublicKey of the subject
of the certificate. Note that this class does not define a method for
obtaining the Principal that is associated with
the PublicKey. That functionality is dependent on
the type of the certificate. See
X509Certificate.getSubjectDN( ), for example. ...
Get Java in a Nutshell, 5th Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
