O'Reilly logo

Java in a Nutshell, 5th Edition by David Flanagan

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Name

X509CertSelector

Synopsis

This class is a CertSelector for X.509 certificates. Its various set methods allow you to specify values for various certificate fields and extensions. The match( ) method will only return true for certificates that have the specified values for those fields and extensions. A full understanding of this class requires detailed knowledge of the X.509 standard which is beyond the scope of this reference. Some of the more important methods are described here, however.

When you want to match exactly one specific certificate, simply pass the desired X509Certificate to setCertificate( ). Constrain the subject of the certificate with setSubject( ), setSubjectAlternativeNames( ), of addSubjectAlternativeName( ). Constrain the issuer of the certificate with setIssuer( ). Constrain the public key of the certificate with setPublicKey( ). Constrain the certificate to be valid on a given date with setCertificateValid( ). And specify a specific issuer's serial number for the certificate with setSerialNumber( ).

Java 5.0 adds methods for identifying certificate subjects and issuers with javax.security.auth.x500.X500Principal objects instead of with strings.

java.security.cert.X509CertSelector

Figure 14-72. java.security.cert.X509CertSelector

public class X509CertSelector implements CertSelector {
// Public Constructors
     public X509CertSelector( );  
// Public Instance Methods
     public void addPathToName(int type ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required