Since: API Level 1
package

java.security.cert

This package provides all the classes and all the interfaces needed to generate, administer and verify X.509 certificates. Functionality for parsing certificate, extracting information from them, validating and verifying the information they contains are provided. Exception are generated mainly for three reasons:
- if the certificate's encoding is broken (CertificateEncodingException)
- if the certificate's time stamp is not valid (CertificateExpiredException)
- or if the validation's path is false (CertPathValidatorException).

The functionality to check the different entries and extension fields of X.509 certificates are also provided.

Interfaces

CertPathBuilderResult The interface for results generated by build(CertPathParameters)
CertPathParameters The interface specification for certification path algorithm parameters. 
CertPathValidatorResult The interface specification for certification path validation results. 
CertSelector The interface specification to determine whether a Certificate meets some criteria. 
CertStoreParameters The marker interface specifying the parameters used to initialize a CertStore instance. 
CRLSelector The interface specification for determining whether a CRL meets some criteria to select CRL objects among a set of CRLs. 
PolicyNode The interface to a valid policy tree node for the PKIX certification path validation algorithm. 
X509Extension The interface specifying an X.509 Certificate or CRL extension. 

Classes

Certificate Abstract class to represent identity certificates. 
Certificate.CertificateRep The alternate Serializable class to be used for serialization and deserialization of Certificate objects. 
CertificateFactory This class implements the functionality of a certificate factory algorithm, relying on parsing a stream of bytes. 
CertificateFactorySpi This class defines the Service Provider Interface (SPI) for the CertificateFactory class. 
CertPath An immutable certificate path that can be validated. 
CertPath.CertPathRep The alternate Serializable class to be used for serialization and deserialization on CertPath objects. 
CertPathBuilder This class implements the functionality of a builder for an unverified Certification Paths from a specified certificate to a trust anchor. 
CertPathBuilderSpi The Service Provider Interface (SPI) for the CertPathBuilder class to be implemented by security providers. 
CertPathValidator This class provides the functionality for validating certification paths (certificate chains) establishing a trust chain from a certificate to a trust anchor. 
CertPathValidatorSpi The Service Provider Interface (SPI) for the CertPathValidator class to be implemented by security providers. 
CertStore This class provides the functionality to retrieve Certificates and CRLs from a read-only repository. 
CertStoreSpi The Service Provider Interface (SPI) definition for the CertStore class to be implemented by security providers. 
CollectionCertStoreParameters The parameters to initialize a Collection type CertStore instance. 
CRL This class represents Certificate Revocation Lists (CRLs) maintained by a certificate authority. 
LDAPCertStoreParameters The parameters to initialize a LDAP CertStore instance. 
PKIXBuilderParameters The parameter specification for a PKIX CertPathBuilder algorithm used to build certificate chains validated with the PKIX certification path validation. 
PKIXCertPathBuilderResult The result of the PKIX certification path builder, returned by build(CertPathParameters)
PKIXCertPathChecker The class specifying the interface to extend the certification path validation algorithm by checks to perform on an X509Certificate
PKIXCertPathValidatorResult The implementation of the result of the PKIX certification path validation. 
PKIXParameters This class implements the parameters for the PKIX CertPathValidator
PolicyQualifierInfo This class implements a policy qualifier as defined by the ASN.1 PolicyQualifierInfo structure. 
TrustAnchor This class represents a trust anchor for validation of X.509 certification path. 
X509Certificate Abstract base class for X.509 certificates. 
X509CertSelector A certificate selector (CertSelector for selecting X509Certificates that match the specified criteria. 
X509CRL Abstract base class for X.509 certificate revocation lists (CRL). 
X509CRLEntry Abstract base class for entries in a certificate revocation list (CRL). 
X509CRLSelector A CRL selector (CRLSelector for selecting X509CRLs that match the specified criteria. 

Exceptions

CertificateEncodingException The exception that is thrown when an error occurs while a Certificate is being encoded. 
CertificateException The base class for all Certificate related exceptions. 
CertificateExpiredException The exception that is thrown when a Certificate has expired. 
CertificateNotYetValidException The exception that is thrown when a Certificate is not yet valid or will not yet be valid on a specified date. 
CertificateParsingException The exception that is thrown when a Certificate can not be parsed. 
CertPathBuilderException The exception that is thrown when a CertPathBuilder method fails. 
CertPathValidatorException The exception that is thrown when a certification path (or certificate chain) cannot be validated. 
CertStoreException The exception that is thrown when an access to a CertStore fails. 
CRLException The exception that is thrown if errors occur during handling of CRLs.