Name
X509CertSelector
Synopsis
This class is a CertSelector for X.509
certificates. Its various set methods allow you to
specify values for various certificate fields and extensions. The
match( ) method will only return
true for certificates that have the specified
values for those fields and extensions. A full understanding of this
class requires detailed knowledge of the X.509 standard which is
beyond the scope of this reference. Some of the more important
methods are described here, however.
When you want to match exactly one specific certificate, simply pass
the desired X509Certificate to
setCertificate( ). Constrain the subject of the
certificate with setSubject( ),
setSubjectAlternativeNames( ), of
addSubjectAlternativeName( ). Constrain the issuer
of the certificate with setIssuer( ). Constrain
the public key of the certificate with setPublicKey(
). Constrain the certificate to be valid on a given date
with setCertificateValid( ). And specify a
specific issuer’s serial number for the certificate
with setSerialNumber( ).
Java 5.0 adds methods for identifying certificate subjects and
issuers with
javax.security.auth.x500.X500Principal objects
instead of with strings.
Figure 14-72. java.security.cert.X509CertSelector
public class X509CertSelector implements CertSelector { // Public Constructors public X509CertSelector( ); // Public Instance Methods public void addPathToName(int type ...
Get Java in a Nutshell, 5th Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
