|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectcom.ibm.security.certclient.util.PkNewCertFactory
public final class PkNewCertFactory
Generate a certificate signed with specified signing certificate.
Method Summary | |
---|---|
static PkNewCertificate |
newCert(int keySize,
String subjectDN,
int numValidDays,
Date notBefore,
boolean useShortSubjectKId,
List<String> subjectAltNames,
List<String> kUsage,
List<String> extKUsage,
String provider,
KeyPair keyPair,
X509Certificate[] signing_cert_chain,
PrivateKey signing_cert_private_key)
Create a personal certificate with supplied extensions |
static PkNewCertificate |
newCert(int keySize,
String subjectDN,
int numValidDays,
Date notBefore,
boolean useShortSubjectKId,
List<String> subjectAltNames,
List<String> kUsage,
List<String> extKUsage,
String provider,
KeyPair keyPair,
X509Certificate[] signing_cert_chain,
PrivateKey signing_cert_private_key,
boolean CA)
Create a personal certificate with supplied extensions |
static PkNewCertificate |
newCert(int keySize,
String subjectDN,
int numValidDays,
Date notBefore,
boolean useShortSubjectKId,
List<String> subjectAltNames,
List<String> kUsage,
List<String> extKUsage,
String provider,
X509Certificate[] signing_cert_chain,
PrivateKey signing_cert_private_key)
Create a personal certificate with supplied extensions |
static PkNewCertificate |
newCert(int keySize,
String subjectDN,
int numValidDays,
Date notBefore,
boolean useShortSubjectKId,
String provider,
KeyPair keyPair,
X509Certificate[] signing_cert_chain,
PrivateKey signing_cert_private_key)
Create a personal certificate without any supplied extensions |
static PkNewCertificate |
newCert(int keySize,
String subjectDN,
int numValidDays,
Date notBefore,
boolean useShortSubjectKId,
String provider,
X509Certificate[] signing_cert_chain,
PrivateKey signing_cert_private_key)
Create a personal certificate without any supplied extensions |
static PkNewCertificate |
newCert(String subjectDN,
X509Certificate[] signing_cert_chain,
PrivateKey signing_cert_private_key)
Most simple way to generate a personal certificate signed by a signing certificate. |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Method Detail |
---|
public static PkNewCertificate newCert(String subjectDN, X509Certificate[] signing_cert_chain, PrivateKey signing_cert_private_key) throws com.ibm.security.certclient.base.PkRejectionException
subjectDN
- Distinguished name which will be the subject for
this certificatesigning_cert_chain
- X509Certificate signing chainsigning_cert_private_key
- Private key to sign personal certificate which is being created
com.ibm.security.certclient.base.PkRejectionException
public static PkNewCertificate newCert(int keySize, String subjectDN, int numValidDays, Date notBefore, boolean useShortSubjectKId, String provider, X509Certificate[] signing_cert_chain, PrivateKey signing_cert_private_key) throws com.ibm.security.certclient.base.PkRejectionException
keySize
- size of key.subjectDN
- Distinguished name which will be both subject for
this certificatenumValidDays
- period of certificate validity. Will be measured from notBefore
date.notBefore
- Date that this certificate valitity begins. Must be no greater
than 3 days prior to the issuing UTC time. If null,
current Date will be used.useShortSubjectKId
- if true use short form of Subject Key Id else use long formprovider
- name of crypto providersigning_cert_chain
- X509Certificate signing chainsigning_cert_private_key
- Private key to sign personal certificate which is being created
com.ibm.security.certclient.base.PkRejectionException
public static PkNewCertificate newCert(int keySize, String subjectDN, int numValidDays, Date notBefore, boolean useShortSubjectKId, String provider, KeyPair keyPair, X509Certificate[] signing_cert_chain, PrivateKey signing_cert_private_key) throws com.ibm.security.certclient.base.PkRejectionException
keySize
- size of key. Not used if keyPair is provided.subjectDN
- Distinguished name which will be both subject and issuer for
this certificatenumValidDays
- period of certificate validity. Will be measured from notBefore
date.notBefore
- Date that this certificate valitity begins. Must be no greater
than 3 days prior to the issuing UTC time. If null,
current Date will be used.useShortSubjectKId
- if true use short form of Subject Key Id else use long formprovider
- name of crypto providerkeyPair
- keypair to use for private/public keysigning_cert_chain
- X509Certificate signing chainsigning_cert_private_key
- Private key to sign personal certificate which is being created
com.ibm.security.certclient.base.PkRejectionException
public static PkNewCertificate newCert(int keySize, String subjectDN, int numValidDays, Date notBefore, boolean useShortSubjectKId, List<String> subjectAltNames, List<String> kUsage, List<String> extKUsage, String provider, X509Certificate[] signing_cert_chain, PrivateKey signing_cert_private_key) throws com.ibm.security.certclient.base.PkRejectionException
keySize
- size of key.subjectDN
- Distinguished name which will be both subject for
this certificatenumValidDays
- period of certificate validity. Will be measured from notBefore
date.notBefore
- Date that this certificate valitity begins. Must be no greater
than 3 days prior to the issuing UTC time. If null,
current Date will be used.useShortSubjectKId
- if true use short form of Subject Key Id else use long formsubjectAltNames
- (optional)list of subject alternate names. Specify null to
indicate that no value is being specified.
kUsage
- (optional)list of Key Usage strings. Acceptable values are-
"digital_signature" "non_repudiation" "key_encipherment"
"data_encipherment" "encipher_only" "decipher_only"extKUsage
- (optional)list of Extended Key Usage strings. Acceptable
values are- "ServerAuth_Id" "ClientAuth_Id" "CodeSigning_Id"
"EmailProtection_Id" "IPSecEndSystem_Id" "IPSecTunnel_Id"
"IPSecUser_Id" "TimeStamping_Id"provider
- name of crypto providersigning_cert_chain
- X509Certificate signing chainsigning_cert_private_key
- Private key to sign personal certificate which is being created
com.ibm.security.certclient.base.PkRejectionException
public static PkNewCertificate newCert(int keySize, String subjectDN, int numValidDays, Date notBefore, boolean useShortSubjectKId, List<String> subjectAltNames, List<String> kUsage, List<String> extKUsage, String provider, KeyPair keyPair, X509Certificate[] signing_cert_chain, PrivateKey signing_cert_private_key) throws com.ibm.security.certclient.base.PkRejectionException
keySize
- size of key. Not used if keyPair is provided.subjectDN
- Distinguished name which will be both subject for
this certificatenumValidDays
- period of certificate validity. Will be measured from notBefore
date.notBefore
- Date that this certificate valitity begins. Must be no greater
than 3 days prior to the issuing UTC time. If null,
current Date will be used.useShortSubjectKId
- if true use short form of Subject Key Id else use long formsubjectAltNames
- (optional)list of subject alternate names. Specify null to
indicate that no value is being specified.
kUsage
- (optional)list of Key Usage strings. Acceptable values are-
"digital_signature" "non_repudiation" "key_encipherment"
"data_encipherment" "encipher_only" "decipher_only"extKUsage
- (optional)list of Extended Key Usage strings. Acceptable
values are- "ServerAuth_Id" "ClientAuth_Id" "CodeSigning_Id"
"EmailProtection_Id" "IPSecEndSystem_Id" "IPSecTunnel_Id"
"IPSecUser_Id" "TimeStamping_Id"provider
- name of crypto providerkeyPair
- keypair to use for private/public keys
if null, keypair will be generatedsigning_cert_chain
- X509Certificate signing chainsigning_cert_private_key
- Private key to sign personal certificate which is being created
com.ibm.security.certclient.base.PkRejectionException
public static PkNewCertificate newCert(int keySize, String subjectDN, int numValidDays, Date notBefore, boolean useShortSubjectKId, List<String> subjectAltNames, List<String> kUsage, List<String> extKUsage, String provider, KeyPair keyPair, X509Certificate[] signing_cert_chain, PrivateKey signing_cert_private_key, boolean CA) throws com.ibm.security.certclient.base.PkRejectionException
keySize
- size of key. Not used if keyPair is provided.subjectDN
- Distinguished name which will be both subject for
this certificatenumValidDays
- period of certificate validity. Will be measured from notBefore
date.notBefore
- Date that this certificate valitity begins. Must be no greater
than 3 days prior to the issuing UTC time. If null,
current Date will be used.useShortSubjectKId
- if true use short form of Subject Key Id else use long formsubjectAltNames
- (optional)list of subject alternate names. Specify null to
indicate that no value is being specified.
kUsage
- (optional)list of Key Usage strings. Acceptable values are-
"digital_signature" "non_repudiation" "key_encipherment"
"data_encipherment" "encipher_only" "decipher_only"extKUsage
- (optional)list of Extended Key Usage strings. Acceptable
values are- "ServerAuth_Id" "ClientAuth_Id" "CodeSigning_Id"
"EmailProtection_Id" "IPSecEndSystem_Id" "IPSecTunnel_Id"
"IPSecUser_Id" "TimeStamping_Id"provider
- name of crypto providerkeyPair
- keypair to use for private/public keys
if null, keypair will be generatedsigning_cert_chain
- X509Certificate signing chainsigning_cert_private_key
- Private key to sign personal certificate which is being createdCA
- true - create this certificate as a CA with basic constraints
false - create this certificate as an end-user without basic constraints
com.ibm.security.certclient.base.PkRejectionException
|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |