This class represents an X.509 certificate. Its various methods provide complete access to the contents of the certificate. A full understanding of this class requires detailed knowledge of the X.509 standard which is beyond the scope of this reference. Some of the more important methods are described here, however. getSubjectDN( ) returns the Principal to whom this certificate applies, and the inherited getPublicKey( ) method returns the PublicKey that the certificate associates with that Principal. getIssuerDN( ) returns a Principal that represents the issuer of the certificate, and if you know the public key for that Principal, you can pass it to the verify( ) method to check the digital signature of the issuer and ensure that the certificate is not forged. checkValidity( ) checks whether the certificate has expired or has not yet gone into effect. Note that verify( ) and getPublicKey( ) are inherited from Certificate.
Obtain an X509Certificate object by creating a CertificateFactory for certificate type "X.509" and then using generateCertificate( ) to parse an X.509 certificate from a stream of bytes. Finally, cast the Certificate returned by this method to an X509Certificate.
public abstract classX509Certificate extends java.security.cert.Certificate implements X509Extension { // Protected Constructors protected
X509Certificate ( ); // Public Instance Methods public abstract void
checkValidity ( ) throws CertificateExpiredException, CertificateNotYetValidException; public abstract void
checkValidity (java.util.Date
date ) throws CertificateExpiredException, CertificateNotYetValidException; public abstract int
getBasicConstraints ( );
1.4 public java.util.List<String>
getExtendedKeyUsage ( ) throws CertificateParsingException;
1.4 public java.util.Collection<java.util.List<?>>
getIssuerAlternativeNames ( ) throws CertificateParsingException; public abstract java.security.Principal
getIssuerDN ( ); public abstract boolean[ ]
getIssuerUniqueID ( );
1.4 public javax.security.auth.x500.X500Principal
getIssuerX500Principal ( ); public abstract boolean[ ]
getKeyUsage ( ); public abstract java.util.Date
getNotAfter ( ); public abstract java.util.Date
getNotBefore ( ); public abstract java.math.BigInteger
getSerialNumber ( ); public abstract String
getSigAlgName ( ); public abstract String
getSigAlgOID ( ); public abstract byte[ ]
getSigAlgParams ( ); public abstract byte[ ]
getSignature ( );
1.4 public java.util.Collection<java.util.List<?>>
getSubjectAlternativeNames ( ) throws CertificateParsingException; public abstract java.security.Principal
getSubjectDN ( ); public abstract boolean[ ]
getSubjectUniqueID ( );
1.4 public javax.security.auth.x500.X500Principal
getSubjectX500Principal ( ); public abstract byte[ ]
getTBSCertificate ( ) throws CertificateEncodingException; public abstract int
getVersion ( ); }
trustAnchor.TrustAnchor( ), X509CertSelector.setCertificate( ), X509CRL.getRevokedCertificate( ), X509CRLSelector.setCertificateChecking( ), javax.net.ssl.X509TrustManager.{checkClientTrusted( ), checkServerTrusted( )}, javax.security.auth.x500.X500PrivateCredential.X500PrivateCredential( )
trustAnchor.getTrustedCert( ), X509CertSelector.getCertificate( ), X509CRLSelector.getCertificateChecking( ), javax.net.ssl.X509KeyManager.getCertificateChain( ), javax.net.ssl.X509TrustManager.getAcceptedIssuers( ), javax.security.auth.x500.X500PrivateCredential.getCertificate( )