Name
CertPath
Synopsis
A CertPath is an immutable sequence or chain of certificates that establishes a “certification path” from an unknown “end entity” to a known and trusted Certificate Authority or “trust anchor”. Use a CertPathValidator to validate a certificate chain and establish trust in the public key presented in the certificate of the end entity.

getType( ) returns the type of the certificates in the CertPath. For X.509 certificate chains (the only type supported by the default “SUN” provider) this method returns “X.509”. getCertificates( ) returns a java.util.List object that contains the Certificate objects that comprise the chain. For X.509 chains, the list contains X509Certificate objects. Also, for X.509 certificate paths, the List returned by getCertificates( ) starts with the certificate of the end entity, and ends with a certificate signed by the trust anchor. The signer of any certificate but the last must be the subject of the next certificate in the List. If the end entity presents a certificate that is directly signed by a trust anchor (which is not an uncommon occurrence) then the List returned by getCertificates( ) consists of only that single certificate. Note that the list of certificates does not include the certificate of the trust anchor. The public keys of trusted CAs must be known by the system in advance. In Sun’s JDK implementation, the public-key certificates of trusted CAs are stored in the file jre/lib/security/cacerts.
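The ordering rules above, and the role of CertPathValidator, are illustrated by the following added example (not code from the book). The class name CertPathDemo and the certificate files named on the command line are assumptions: the first argument is the trust anchor's certificate, followed by the end entity's certificate and then any intermediates in order toward the anchor.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.cert.*;
import java.util.*;

public class CertPathDemo {
    // Usage (file names are placeholders):
    //   java CertPathDemo anchor.pem end-entity.pem [intermediate.pem ...]
    public static void main(String[] args) throws Exception {
        if (args.length < 2) {
            System.err.println("usage: CertPathDemo <trust-anchor> <end-entity> [intermediates...]");
            System.exit(2);
        }
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        List<X509Certificate> chain = new ArrayList<>();
        for (int i = 1; i < args.length; i++) chain.add(load(cf, args[i]));

        // The signer of every certificate but the last must be the subject of the next one.
        for (int i = 0; i + 1 < chain.size(); i++) {
            if (!chain.get(i).getIssuerX500Principal().equals(chain.get(i + 1).getSubjectX500Principal()))
                throw new CertificateException("chain out of order at index " + i);
        }

        CertPath path = cf.generateCertPath(chain);
        System.out.println(path.getType() + " path, " + path.getCertificates().size() + " certificate(s)");

        // The trust anchor is supplied separately; it is never part of the CertPath itself.
        TrustAnchor anchor = new TrustAnchor(load(cf, args[0]), null);
        PKIXParameters params = new PKIXParameters(Collections.singleton(anchor));
        params.setRevocationEnabled(false); // assumption: no CRL/OCSP source in this offline demo

        try {
            PKIXCertPathValidatorResult r = (PKIXCertPathValidatorResult)
                CertPathValidator.getInstance("PKIX").validate(path, params);
            System.out.println("trusted public key: " + r.getPublicKey().getAlgorithm()
                + ", anchored at " + r.getTrustAnchor().getTrustedCert().getSubjectX500Principal());
        } catch (CertPathValidatorException e) {
            // getIndex() is the position in the path of the failing certificate, or -1.
            System.out.println("validation failed at index " + e.getIndex() + ": " + e.getMessage());
        }
    }

    // Reads one PEM- or DER-encoded X.509 certificate from a file.
    static X509Certificate load(CertificateFactory cf, String file) throws Exception {
        try (InputStream in = new FileInputStream(file)) {
            return (X509Certificate) cf.generateCertificate(in);
        }
    }
}
```

Passing only the trust anchor and one end-entity certificate exercises the single-certificate case described above, where the end entity is signed directly by the anchor.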
CertPath objects can ...