A CertStore object is a repository for Certificate and CRL objects. You may query a CertStore for a java.util.Collection of Certificate or CRL objects that match specified criteria by passing a CertSelector or CRLSelector to getCertificates( ) or getCRLs( ). A CertStore is conceptually similar to a java.security.KeyStore, but there are significant differences in how the two classes are intended to be used. A KeyStore is designed to store a relatively small local collection of private keys and trusted certificates. A CertStore, however, may represent a large public database (in the form of an LDAP server, for examle) of untrusted certificates.
Obtain a CertStore object by calling a getInstance( ) method and specifying the name of the desired CertStore type and a CertStoreParameters object that is specific to that type. Optionally, you may also specify the desired provider of your CertStore object. The default "SUN" provider defines two CertStore types, named "LDAP" and "Collection", which you should use with LDAPCertStoreParameters and CollectionCertStoreParameters objects, respectively. The "LDAP" type obtains certificates and CRLs from a network LDAP server, and the "Collection" type obtains them from a a specified Collection object.
The CertStore class may be directly useful to applications that want to query a LDAP server for certificates. It is also used by PKIXParameters.addCertStore( ) and PKIXParameters.setCertStores( ) to specify a source of certificates to by used by the CertPathBuilder and CertPathValidator classes.
All public methods of CertStore are threadsafe.
public classCertStore { // Protected Constructors protected
CertStore (CertStoreSpi
storeSpi , java.security.Provider
provider , String
type , CertStoreParameters
params ); // Public Class Methods public static final String
getDefaultType ( ); public static CertStore
getInstance (String
type , CertStoreParameters
params ) throws java.security.InvalidAlgorithmParameterException, java.security.NoSuchAlgorithmException; public static CertStore
getInstance (String
type , CertStoreParameters
params , String
provider ) throws java.security.InvalidAlgorithmParameterException, java.security.NoSuchAlgorithmException, java.security.NoSuchProviderException; public static CertStore
getInstance (String
type , CertStoreParameters
params , java.security.Provider
provider ) throws java.security.NoSuchAlgorithmException, java.security.InvalidAlgorithmParameterException; // Public Instance Methods public final java.util.Collection<? extends java.security.cert.Certificate>
getCertificates (CertSelector
selector ) throws CertStoreException; public final CertStoreParameters
getCertStoreParameters ( ); public final java.util.Collection<? extends CRL>
getCRLs (CRLSelector
selector ) throws CertStoreException; public final java.security.Provider
getProvider ( ); public final String
getType ( ); }
PKIXParameters.addCertStore( )