|
|||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | ||||||||
java.lang.Objectcom.ibm.security.certclient.util.PkNewCertFactory
public final class PkNewCertFactory
Generate a certificate signed with specified signing certificate.
| Method Summary | |
|---|---|
static PkNewCertificate |
newCert(int keySize,
String subjectDN,
int numValidDays,
Date notBefore,
boolean useShortSubjectKId,
List<String> subjectAltNames,
List<String> kUsage,
List<String> extKUsage,
String provider,
KeyPair keyPair,
X509Certificate[] signing_cert_chain,
PrivateKey signing_cert_private_key)
Create a personal certificate with supplied extensions |
static PkNewCertificate |
newCert(int keySize,
String subjectDN,
int numValidDays,
Date notBefore,
boolean useShortSubjectKId,
List<String> subjectAltNames,
List<String> kUsage,
List<String> extKUsage,
String provider,
KeyPair keyPair,
X509Certificate[] signing_cert_chain,
PrivateKey signing_cert_private_key,
boolean CA)
Create a personal certificate with supplied extensions |
static PkNewCertificate |
newCert(int keySize,
String subjectDN,
int numValidDays,
Date notBefore,
boolean useShortSubjectKId,
List<String> subjectAltNames,
List<String> kUsage,
List<String> extKUsage,
String provider,
X509Certificate[] signing_cert_chain,
PrivateKey signing_cert_private_key)
Create a personal certificate with supplied extensions |
static PkNewCertificate |
newCert(int keySize,
String subjectDN,
int numValidDays,
Date notBefore,
boolean useShortSubjectKId,
String provider,
KeyPair keyPair,
X509Certificate[] signing_cert_chain,
PrivateKey signing_cert_private_key)
Create a personal certificate without any supplied extensions |
static PkNewCertificate |
newCert(int keySize,
String subjectDN,
int numValidDays,
Date notBefore,
boolean useShortSubjectKId,
String provider,
X509Certificate[] signing_cert_chain,
PrivateKey signing_cert_private_key)
Create a personal certificate without any supplied extensions |
static PkNewCertificate |
newCert(String subjectDN,
X509Certificate[] signing_cert_chain,
PrivateKey signing_cert_private_key)
Most simple way to generate a personal certificate signed by a signing certificate. |
| Methods inherited from class java.lang.Object |
|---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
| Method Detail |
|---|
public static PkNewCertificate newCert(String subjectDN,
X509Certificate[] signing_cert_chain,
PrivateKey signing_cert_private_key)
throws com.ibm.security.certclient.base.PkRejectionException
subjectDN - Distinguished name which will be the subject for
this certificatesigning_cert_chain - X509Certificate signing chainsigning_cert_private_key - Private key to sign personal certificate which is being created
com.ibm.security.certclient.base.PkRejectionException
public static PkNewCertificate newCert(int keySize,
String subjectDN,
int numValidDays,
Date notBefore,
boolean useShortSubjectKId,
String provider,
X509Certificate[] signing_cert_chain,
PrivateKey signing_cert_private_key)
throws com.ibm.security.certclient.base.PkRejectionException
keySize - size of key.subjectDN - Distinguished name which will be both subject for
this certificatenumValidDays - period of certificate validity. Will be measured from notBefore
date.notBefore - Date that this certificate valitity begins. Must be no greater
than 3 days prior to the issuing UTC time. If null,
current Date will be used.useShortSubjectKId - if true use short form of Subject Key Id else use long formprovider - name of crypto providersigning_cert_chain - X509Certificate signing chainsigning_cert_private_key - Private key to sign personal certificate which is being created
com.ibm.security.certclient.base.PkRejectionException
public static PkNewCertificate newCert(int keySize,
String subjectDN,
int numValidDays,
Date notBefore,
boolean useShortSubjectKId,
String provider,
KeyPair keyPair,
X509Certificate[] signing_cert_chain,
PrivateKey signing_cert_private_key)
throws com.ibm.security.certclient.base.PkRejectionException
keySize - size of key. Not used if keyPair is provided.subjectDN - Distinguished name which will be both subject and issuer for
this certificatenumValidDays - period of certificate validity. Will be measured from notBefore
date.notBefore - Date that this certificate valitity begins. Must be no greater
than 3 days prior to the issuing UTC time. If null,
current Date will be used.useShortSubjectKId - if true use short form of Subject Key Id else use long formprovider - name of crypto providerkeyPair - keypair to use for private/public keysigning_cert_chain - X509Certificate signing chainsigning_cert_private_key - Private key to sign personal certificate which is being created
com.ibm.security.certclient.base.PkRejectionException
public static PkNewCertificate newCert(int keySize,
String subjectDN,
int numValidDays,
Date notBefore,
boolean useShortSubjectKId,
List<String> subjectAltNames,
List<String> kUsage,
List<String> extKUsage,
String provider,
X509Certificate[] signing_cert_chain,
PrivateKey signing_cert_private_key)
throws com.ibm.security.certclient.base.PkRejectionException
keySize - size of key.subjectDN - Distinguished name which will be both subject for
this certificatenumValidDays - period of certificate validity. Will be measured from notBefore
date.notBefore - Date that this certificate valitity begins. Must be no greater
than 3 days prior to the issuing UTC time. If null,
current Date will be used.useShortSubjectKId - if true use short form of Subject Key Id else use long formsubjectAltNames - (optional)list of subject alternate names. Specify null to
indicate that no value is being specified.
kUsage - (optional)list of Key Usage strings. Acceptable values are-
"digital_signature" "non_repudiation" "key_encipherment"
"data_encipherment" "encipher_only" "decipher_only"extKUsage - (optional)list of Extended Key Usage strings. Acceptable
values are- "ServerAuth_Id" "ClientAuth_Id" "CodeSigning_Id"
"EmailProtection_Id" "IPSecEndSystem_Id" "IPSecTunnel_Id"
"IPSecUser_Id" "TimeStamping_Id"provider - name of crypto providersigning_cert_chain - X509Certificate signing chainsigning_cert_private_key - Private key to sign personal certificate which is being created
com.ibm.security.certclient.base.PkRejectionException
public static PkNewCertificate newCert(int keySize,
String subjectDN,
int numValidDays,
Date notBefore,
boolean useShortSubjectKId,
List<String> subjectAltNames,
List<String> kUsage,
List<String> extKUsage,
String provider,
KeyPair keyPair,
X509Certificate[] signing_cert_chain,
PrivateKey signing_cert_private_key)
throws com.ibm.security.certclient.base.PkRejectionException
keySize - size of key. Not used if keyPair is provided.subjectDN - Distinguished name which will be both subject for
this certificatenumValidDays - period of certificate validity. Will be measured from notBefore
date.notBefore - Date that this certificate valitity begins. Must be no greater
than 3 days prior to the issuing UTC time. If null,
current Date will be used.useShortSubjectKId - if true use short form of Subject Key Id else use long formsubjectAltNames - (optional)list of subject alternate names. Specify null to
indicate that no value is being specified.
kUsage - (optional)list of Key Usage strings. Acceptable values are-
"digital_signature" "non_repudiation" "key_encipherment"
"data_encipherment" "encipher_only" "decipher_only"extKUsage - (optional)list of Extended Key Usage strings. Acceptable
values are- "ServerAuth_Id" "ClientAuth_Id" "CodeSigning_Id"
"EmailProtection_Id" "IPSecEndSystem_Id" "IPSecTunnel_Id"
"IPSecUser_Id" "TimeStamping_Id"provider - name of crypto providerkeyPair - keypair to use for private/public keys
if null, keypair will be generatedsigning_cert_chain - X509Certificate signing chainsigning_cert_private_key - Private key to sign personal certificate which is being created
com.ibm.security.certclient.base.PkRejectionException
public static PkNewCertificate newCert(int keySize,
String subjectDN,
int numValidDays,
Date notBefore,
boolean useShortSubjectKId,
List<String> subjectAltNames,
List<String> kUsage,
List<String> extKUsage,
String provider,
KeyPair keyPair,
X509Certificate[] signing_cert_chain,
PrivateKey signing_cert_private_key,
boolean CA)
throws com.ibm.security.certclient.base.PkRejectionException
keySize - size of key. Not used if keyPair is provided.subjectDN - Distinguished name which will be both subject for
this certificatenumValidDays - period of certificate validity. Will be measured from notBefore
date.notBefore - Date that this certificate valitity begins. Must be no greater
than 3 days prior to the issuing UTC time. If null,
current Date will be used.useShortSubjectKId - if true use short form of Subject Key Id else use long formsubjectAltNames - (optional)list of subject alternate names. Specify null to
indicate that no value is being specified.
kUsage - (optional)list of Key Usage strings. Acceptable values are-
"digital_signature" "non_repudiation" "key_encipherment"
"data_encipherment" "encipher_only" "decipher_only"extKUsage - (optional)list of Extended Key Usage strings. Acceptable
values are- "ServerAuth_Id" "ClientAuth_Id" "CodeSigning_Id"
"EmailProtection_Id" "IPSecEndSystem_Id" "IPSecTunnel_Id"
"IPSecUser_Id" "TimeStamping_Id"provider - name of crypto providerkeyPair - keypair to use for private/public keys
if null, keypair will be generatedsigning_cert_chain - X509Certificate signing chainsigning_cert_private_key - Private key to sign personal certificate which is being createdCA - true - create this certificate as a CA with basic constraints
false - create this certificate as an end-user without basic constraints
com.ibm.security.certclient.base.PkRejectionException
|
|||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | ||||||||