com.ibm.security.certclient.util
Class PkSsCertFactory
- java.lang.Object
com.ibm.security.certclient.util.PkSsCertFactory
- public final class PkSsCertFactory
- extends java.lang.Object
Method Summary
Modifier and Type | Method and Description |
---|---|
|
newSsCert(int keySize,java.lang.String subjectDN,int numValidDays,boolean useRSA,boolean useShortSubjectKId,java.util.List<java.lang.String> subjectAltNames,java.util.List<java.lang.String> kUsage,java.util.List<java.lang.String> extKUsage,java.lang.String provider)
Create a self-signed certificate with supplied extensions
|
|
newSsCert(int keySize,java.lang.String subjectDN,int numValidDays,boolean useRSA,boolean useShortSubjectKId,java.util.List<java.lang.String> subjectAltNames,java.util.List<java.lang.String> kUsage,java.util.List<java.lang.String> extKUsage,java.lang.String provider,java.security.KeyPair keyPair)
Create a self-signed certificate with supplied extensions
|
|
newSsCert(int keySize,java.lang.String subjectDN,int numValidDays,boolean useRSA,boolean useShortSubjectKId,java.lang.String provider)
Create a self-signed certificate without any supplied extensions
|
|
newSsCert(int keySize,java.lang.String subjectDN,int numValidDays,boolean useRSA,boolean useShortSubjectKId,java.lang.String provider,java.security.KeyPair keyPair)
Create a self-signed certificate without any supplied extensions
|
|
newSsCert(int keySize,java.lang.String subjectDN,int numValidDays,java.util.Date notBefore,boolean useRSA,boolean useShortSubjectKId,java.util.List<java.lang.String> subjectAltNames,java.util.List<java.lang.String> kUsage,java.util.List<java.lang.String> extKUsage,java.lang.String provider)
Create a self-signed certificate with supplied extensions
|
|
newSsCert(int keySize,java.lang.String subjectDN,int numValidDays,java.util.Date notBefore,boolean useRSA,boolean useShortSubjectKId,java.util.List<java.lang.String> subjectAltNames,java.util.List<java.lang.String> kUsage,java.util.List<java.lang.String> extKUsage,java.lang.String provider,java.security.KeyPair keyPair)
Create a self-signed certificate with supplied extensions
|
|
newSsCert(int keySize,java.lang.String subjectDN,int numValidDays,java.util.Date notBefore,boolean useRSA,boolean useShortSubjectKId,java.util.List<java.lang.String> subjectAltNames,java.util.List<java.lang.String> kUsage,java.util.List<java.lang.String> extKUsage,java.lang.String provider,java.security.KeyPair keyPair,boolean CA)
Create a self-signed certificate with supplied extensions
|
|
newSsCert(int keySize,java.lang.String subjectDN,int numValidDays,java.util.Date notBefore,boolean useRSA,boolean useShortSubjectKId,java.lang.String provider)
Create a self-signed certificate without any supplied extensions
|
|
newSsCert(int keySize,java.lang.String subjectDN,int numValidDays,java.util.Date notBefore,boolean useRSA,boolean useShortSubjectKId,java.lang.String provider,java.security.KeyPair keyPair)
Create a self-signed certificate without any supplied extensions
|
|
newSsCert(java.lang.String subjectDN)
Most simple way to generate a self-signed certificate.
|
|
newSsCert(java.lang.String subjectDN,java.util.Date notBefore)
Most simple way to generate a self-signed certificate.
|
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Method Detail
newSsCert
- public static PkSsCertificate newSsCert( java.lang.String subjectDN)
- throws com.ibm.security.certclient.base.PkRejectionException
Most simple way to generate a self-signed certificate. Uses all default
values:
version = 3
keysize = 1024
validity period = 365 days from current date
signatureAlgorithm = SHA1withRSA
subjectKeyId version = long
provider = IBMJCE
Parameters:
subjectDN
- Distinguished name which will be both subject and issuer for
this certificate Returns:
a PkSsCertificate type object that implements a self-signed
certificate with the provided attributes
Throws:
com.ibm.security.certclient.base.PkRejectionException
newSsCert
- public static PkSsCertificate newSsCert( java.lang.String subjectDN,
- java.util.Date notBefore)
- throws com.ibm.security.certclient.base.PkRejectionException
Most simple way to generate a self-signed certificate. Uses all default
values:
version = 3
keysize = 1024
validity period = 365 days from notBefore date
signatureAlgorithm = SHA1withRSA
subjectKeyId version = long
provider = IBMJCE
Parameters:
subjectDN
- Distinguished name which will be both subject and issuer for
this certificate notBefore
- Date that this certificate valitity begins. Must be no greater
than 3 days prior to the issuing UTC time. If null,
current Date will be used. Returns:
a PkSsCertificate type object that implements a self-signed
certificate with the provided attributes
Throws:
com.ibm.security.certclient.base.PkRejectionException
newSsCert
- public static PkSsCertificate newSsCert( int keySize,
- java.lang.String subjectDN,
- int numValidDays,
- boolean useRSA,
- boolean useShortSubjectKId,
- java.lang.String provider)
- throws com.ibm.security.certclient.base.PkRejectionException
Create a self-signed certificate without any supplied extensions
Parameters:
keySize
- size of key. subjectDN
- Distinguished name which will be both subject and issuer for
this certificate numValidDays
- period of certificate validity. Will be measured from current
date. useRSA
- if true use RSA key with SHA1withRSA signature algorithm else
DSA with SHA1withDSA algorithm useShortSubjectKId
- if true use short form of Subject Key Id else use long form provider
- name of crypto provider Returns:
a PkSsCertificate type object that implements a self-signed
certificate with the provided attributes
Throws:
com.ibm.security.certclient.base.PkRejectionException
newSsCert
- public static PkSsCertificate newSsCert( int keySize,
- java.lang.String subjectDN,
- int numValidDays,
- java.util.Date notBefore,
- boolean useRSA,
- boolean useShortSubjectKId,
- java.lang.String provider)
- throws com.ibm.security.certclient.base.PkRejectionException
Create a self-signed certificate without any supplied extensions
Parameters:
keySize
- size of key. subjectDN
- Distinguished name which will be both subject and issuer for
this certificate numValidDays
- period of certificate validity. Will be measured from notBefore
date. notBefore
- Date that this certificate valitity begins. Must be no greater
than 3 days prior to the issuing UTC time. If null,
current Date will be used. useRSA
- if true use RSA key with SHA1withRSA signature algorithm else
DSA with SHA1withDSA algorithm useShortSubjectKId
- if true use short form of Subject Key Id else use long form provider
- name of crypto provider Returns:
a PkSsCertificate type object that implements a self-signed
certificate with the provided attributes
Throws:
com.ibm.security.certclient.base.PkRejectionException
newSsCert
- public static PkSsCertificate newSsCert( int keySize,
- java.lang.String subjectDN,
- int numValidDays,
- boolean useRSA,
- boolean useShortSubjectKId,
- java.lang.String provider,
- java.security.KeyPair keyPair)
- throws com.ibm.security.certclient.base.PkRejectionException
Create a self-signed certificate without any supplied extensions
Parameters:
keySize
- size of key. Not used if keyPair is provided. subjectDN
- Distinguished name which will be both subject and issuer for
this certificate numValidDays
- period of certificaate validity. Will be measured from current
date. useRSA
- if true use RSA key with SHA1withRSA signature algorithm else
DSA with SHA1withDSA algorithm
Not used if keyPair is provided. useShortSubjectKId
- if true use short form of Subject Key Id else use long form provider
- name of crypto provider keyPair
- keypair to use for private/public key Returns:
a PkSsCertificate type object that implements a self-signed
certificate with the provided attributes
Throws:
com.ibm.security.certclient.base.PkRejectionException
newSsCert
- public static PkSsCertificate newSsCert( int keySize,
- java.lang.String subjectDN,
- int numValidDays,
- java.util.Date notBefore,
- boolean useRSA,
- boolean useShortSubjectKId,
- java.lang.String provider,
- java.security.KeyPair keyPair)
- throws com.ibm.security.certclient.base.PkRejectionException
Create a self-signed certificate without any supplied extensions
Parameters:
keySize
- size of key. Not used if keyPair is provided. subjectDN
- Distinguished name which will be both subject and issuer for
this certificate numValidDays
- period of certificaate validity. Will be measured from notBefore
date. notBefore
- Date that this certificate valitity begins. Must be no greater
than 3 days prior to the issuing UTC time. If null,
current Date will be used. useRSA
- if true use RSA key with SHA1withRSA signature algorithm else
DSA with SHA1withDSA algorithm
Not used if keyPair is provided. useShortSubjectKId
- if true use short form of Subject Key Id else use long form provider
- name of crypto provider keyPair
- keypair to use for private/public key Returns:
a PkSsCertificate type object that implements a self-signed
certificate with the provided attributes
Throws:
com.ibm.security.certclient.base.PkRejectionException
newSsCert
- public static PkSsCertificate newSsCert( int keySize,
- java.lang.String subjectDN,
- int numValidDays,
- boolean useRSA,
- boolean useShortSubjectKId,
- java.util.List<java.lang.String> subjectAltNames,
- java.util.List<java.lang.String> kUsage,
- java.util.List<java.lang.String> extKUsage,
- java.lang.String provider)
- throws com.ibm.security.certclient.base.PkRejectionException
Create a self-signed certificate with supplied extensions
Parameters:
keySize
- size of key. subjectDN
- Distinguished name which will be both subject and issuer for
this certificate numValidDays
- period of certificaate validity. Will be measured from current
date. useRSA
- if true use RSA key with SHA1withRSA signature algorithm else
DSA with SHA1withDSA algorithm useShortSubjectKId
- if true use short form of Subject Key Id else use long form subjectAltNames
- (optional)list of subject alternate names. Specify null to
indicate that no value is being specified.
kUsage
- (optional)list of Key Usage strings. Acceptable values are-
"digital_signature" "non_repudiation" "key_encipherment"
"data_encipherment" "encipher_only" "decipher_only" extKUsage
- (optional)list of Extended Key Usage strings. Acceptable
values are- "ServerAuth_Id" "ClientAuth_Id" "CodeSigning_Id"
"EmailProtection_Id" "IPSecEndSystem_Id" "IPSecTunnel_Id"
"IPSecUser_Id" "TimeStamping_Id" provider
- name of crypto provider Returns:
a PkSsCertificate type object that implements a self-signed
certificate with the provided attributes
Throws:
com.ibm.security.certclient.base.PkRejectionException
newSsCert
- public static PkSsCertificate newSsCert( int keySize,
- java.lang.String subjectDN,
- int numValidDays,
- java.util.Date notBefore,
- boolean useRSA,
- boolean useShortSubjectKId,
- java.util.List<java.lang.String> subjectAltNames,
- java.util.List<java.lang.String> kUsage,
- java.util.List<java.lang.String> extKUsage,
- java.lang.String provider)
- throws com.ibm.security.certclient.base.PkRejectionException
Create a self-signed certificate with supplied extensions
Parameters:
keySize
- size of key. subjectDN
- Distinguished name which will be both subject and issuer for
this certificate numValidDays
- period of certificaate validity. Will be measured from notBefore
date. notBefore
- Date that this certificate valitity begins. Must be no greater
than 3 days prior to the issuing UTC time. If null,
current Date will be used. useRSA
- if true use RSA key with SHA1withRSA signature algorithm else
DSA with SHA1withDSA algorithm useShortSubjectKId
- if true use short form of Subject Key Id else use long form subjectAltNames
- (optional)list of subject alternate names. Specify null to
indicate that no value is being specified.
kUsage
- (optional)list of Key Usage strings. Acceptable values are-
"digital_signature" "non_repudiation" "key_encipherment"
"data_encipherment" "encipher_only" "decipher_only" extKUsage
- (optional)list of Extended Key Usage strings. Acceptable
values are- "ServerAuth_Id" "ClientAuth_Id" "CodeSigning_Id"
"EmailProtection_Id" "IPSecEndSystem_Id" "IPSecTunnel_Id"
"IPSecUser_Id" "TimeStamping_Id" provider
- name of crypto provider Returns:
a PkSsCertificate type object that implements a self-signed
certificate with the provided attributes
Throws:
com.ibm.security.certclient.base.PkRejectionException
newSsCert
- public static PkSsCertificate newSsCert( int keySize,
- java.lang.String subjectDN,
- int numValidDays,
- boolean useRSA,
- boolean useShortSubjectKId,
- java.util.List<java.lang.String> subjectAltNames,
- java.util.List<java.lang.String> kUsage,
- java.util.List<java.lang.String> extKUsage,
- java.lang.String provider,
- java.security.KeyPair keyPair)
- throws com.ibm.security.certclient.base.PkRejectionException
Create a self-signed certificate with supplied extensions
Parameters:
keySize
- size of key. Not used if keyPair is provided. subjectDN
- Distinguished name which will be both subject and issuer for
this certificate numValidDays
- period of certificaate validity. Will be measured from current
date. useRSA
- if true use RSA key with SHA1withRSA signature algorithm else
DSA with SHA1withDSA algorithm
Not used if keyPair is provided. useShortSubjectKId
- if true use short form of Subject Key Id else use long form subjectAltNames
- (optional)list of subject alternate names. Specify null to
indicate that no value is being specified.
kUsage
- (optional)list of Key Usage strings. Acceptable values are-
"digital_signature" "non_repudiation" "key_encipherment"
"data_encipherment" "encipher_only" "decipher_only" extKUsage
- (optional)list of Extended Key Usage strings. Acceptable
values are- "ServerAuth_Id" "ClientAuth_Id" "CodeSigning_Id"
"EmailProtection_Id" "IPSecEndSystem_Id" "IPSecTunnel_Id"
"IPSecUser_Id" "TimeStamping_Id" provider
- name of crypto provider keyPair
- keypair to use for private/public keys
if null, keypair will be generated Returns:
a PkSsCertificate type object that implements a self-signed
certificate with the provided attributes
Throws:
com.ibm.security.certclient.base.PkRejectionException
newSsCert
- public static PkSsCertificate newSsCert( int keySize,
- java.lang.String subjectDN,
- int numValidDays,
- java.util.Date notBefore,
- boolean useRSA,
- boolean useShortSubjectKId,
- java.util.List<java.lang.String> subjectAltNames,
- java.util.List<java.lang.String> kUsage,
- java.util.List<java.lang.String> extKUsage,
- java.lang.String provider,
- java.security.KeyPair keyPair)
- throws com.ibm.security.certclient.base.PkRejectionException
Create a self-signed certificate with supplied extensions
Parameters:
keySize
- size of key. Not used if keyPair is provided. subjectDN
- Distinguished name which will be both subject and issuer for
this certificate numValidDays
- period of certificaate validity. Will be measured from notBefore
date. notBefore
- Date that this certificate valitity begins. Must be no greater
than 3 days prior to the issuing UTC time. If null,
current Date will be used. useRSA
- if true use RSA key with SHA1withRSA signature algorithm else
DSA with SHA1withDSA algorithm
Not used if keyPair is provided. useShortSubjectKId
- if true use short form of Subject Key Id else use long form subjectAltNames
- (optional)list of subject alternate names. Specify null to
indicate that no value is being specified.
kUsage
- (optional)list of Key Usage strings. Acceptable values are-
"digital_signature" "non_repudiation" "key_encipherment"
"data_encipherment" "encipher_only" "decipher_only" extKUsage
- (optional)list of Extended Key Usage strings. Acceptable
values are- "ServerAuth_Id" "ClientAuth_Id" "CodeSigning_Id"
"EmailProtection_Id" "IPSecEndSystem_Id" "IPSecTunnel_Id"
"IPSecUser_Id" "TimeStamping_Id" provider
- name of crypto provider keyPair
- keypair to use for private/public keys
if null, keypair will be generated Returns:
a PkSsCertificate type object that implements a self-signed
certificate with the provided attributes
Throws:
com.ibm.security.certclient.base.PkRejectionException
newSsCert
- public static PkSsCertificate newSsCert( int keySize,
- java.lang.String subjectDN,
- int numValidDays,
- java.util.Date notBefore,
- boolean useRSA,
- boolean useShortSubjectKId,
- java.util.List<java.lang.String> subjectAltNames,
- java.util.List<java.lang.String> kUsage,
- java.util.List<java.lang.String> extKUsage,
- java.lang.String provider,
- java.security.KeyPair keyPair,
- boolean CA)
- throws com.ibm.security.certclient.base.PkRejectionException
Create a self-signed certificate with supplied extensions
Parameters:
keySize
- size of key. Not used if keyPair is provided. subjectDN
- Distinguished name which will be both subject and issuer for
this certificate numValidDays
- period of certificaate validity. Will be measured from notBefore
date. notBefore
- Date that this certificate valitity begins. Must be no greater
than 3 days prior to the issuing UTC time. If null,
current Date will be used. useRSA
- if true use RSA key with SHA1withRSA signature algorithm else
DSA with SHA1withDSA algorithm
Not used if keyPair is provided. useShortSubjectKId
- if true use short form of Subject Key Id else use long form subjectAltNames
- (optional)list of subject alternate names. Specify null to
indicate that no value is being specified.
kUsage
- (optional)list of Key Usage strings. Acceptable values are-
"digital_signature" "non_repudiation" "key_encipherment"
"data_encipherment" "encipher_only" "decipher_only" extKUsage
- (optional)list of Extended Key Usage strings. Acceptable
values are- "ServerAuth_Id" "ClientAuth_Id" "CodeSigning_Id"
"EmailProtection_Id" "IPSecEndSystem_Id" "IPSecTunnel_Id"
"IPSecUser_Id" "TimeStamping_Id" provider
- name of crypto provider keyPair
- keypair to use for private/public keys
if null, keypair will be generated CA
- true - create this certificate as a CA with basic constraints
false - create this certificate as an end-user without basic constraints Returns:
a PkSsCertificate type object that implements a self-signed
certificate with the provided attributes
Throws:
com.ibm.security.certclient.base.PkRejectionException