CertificateManager

The CertificateManager interface provides methods for:

  • Generating certificates using the generateCACertificate, generateLocalPGPCertificate, generateLocalX509Certificate, generatePartnerPGPCertificate, and generateX509Certificate methods.
  • Retrieving the certificate references for various types of certificates in the store using the getPartnerCertificates, getLocalCertificates, getTrustedCertificates, and getUserCertificates methods. These methods retrieve a list of certificate references so you can work with a large number of certificates.
  • Managing certificates using the importCertificate, importLocalX509Certificate, exportCertificate, deleteCertificate, and related methods.
  • Generating certificate signing requests and managing signed certificates using the generateKeyPairAndCSR, importCertificateForCSR, and importPrivateKeyAndCSR methods. These methods return a certificate reference.
  • Retrieving the certificate details for a given certificate reference using the method getCertificateDetails and GetCertificateReference.
  • Retrieving the private key for local certificates using the method getPrivateKey.
  • Retrieving PGP subkeys for PGP certificates.
  • Creating a Java Secure Socket Extension (JSSE) SSLContext based on a local key using the method createSSLContext(). This is useful when the local key is used to establish an SSL connection.

These examples illustrate use of CertificateManager:

//import a certificate
CertificateFile crtFile = new CertificateFile();
CertificateManager certManager = Factory.getInstance()
    .getCertificateManager();
certManager.importCertificate("name", CertificateReference.TYPE_X509,
    CertificateReference.USAGE_TRUSTED, null, null,
    crtFile.get("fileName"));

//get a certificate reference using CertificateReferenceCriterion
CertificateReferenceCriterion certificateCriterion =
    certManager.getCertificateReferenceCriterion();
certificateCriterion.type(CertificateReference.TYPE_X509);
certificateCriterion.usage(CertificateReference.USAGE_TRUSTED);
certificateCriterion.hasAccount(false);
certificateCriterion.named("ca");
List<CertificateReference> crts = certManager
    .getCertificateReferences(certificateCriterion, 0,
    Integer.MAX_VALUE);
Context.getInstance().setCurrentCertificateReference(crts);
CertificateReference certRef = Context.getInstance()
    .getCurrentCertificateReference().get(0);

//export a certificate
ByteArrayOutputStream baos = new ByteArrayOutputStream();
baos.write(certManager.exportCertificate(certRef, false, null));
crtFile.put("fileName2", baos);

//generate a certificate
certRef = certManager.generateCACertificate(2048,
    new Subject("certificate name", "", "", "", "", ""),
    "CAPassword", 100);

Related topics:

Related Links