This implementation of CertPathParameters defines parameters that are passed to the validate( ) method of a PKIX CertPathValidator and defines a subset of the parameters that are passed to the build( ) method of a PKIX CertPathBuilder. A full understanding of this class requires a detailed discussion of the PKIX certification path building and validation algorithms, which is beyond the scope of this book. However, some of the more important parameters are described here.

When you create a PKIXParameters object, you must specify which trust anchors are to be used. You can do this by passing a Set of TrustAnchor objects to the constructor, or by passing a KeyStore containing trust anchor keys to the constructor. Once a PKIXParameters object is created, you can modify the set of TrustAnchor objects with setTrustAnchors( ) . Specify a Set of CertStore objects to be searched for certificates with setCertStores( ) or add a single CertStore to the set with addCertStore( ) . If certificate validity is to be checked for some date and time other than the current time, use setDate( ) to specify this date.

Figure 14-70.

public class PKIXParameters implements CertPathParameters {
// Public Constructors
     public PKIXParameters( keystore) throws,; ...

Get Java in a Nutshell, 5th Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.