See: Description
| Interface | Description | 
|---|---|
| CertPathBuilderResult | A specification of the result of a certification path builder algorithm. | 
| CertPathChecker | Performs one or more checks on each  Certificateof aCertPath. | 
| CertPathParameters | A specification of certification path algorithm parameters. | 
| CertPathValidatorException.Reason | The reason the validation algorithm failed. | 
| CertPathValidatorResult | A specification of the result of a certification path validator algorithm. | 
| CertSelector | A selector that defines a set of criteria for selecting
  Certificates. | 
| CertStoreParameters | A specification of  CertStoreparameters. | 
| CRLSelector | A selector that defines a set of criteria for selecting  CRLs. | 
| Extension | This interface represents an X.509 extension. | 
| PolicyNode | An immutable valid policy tree node as defined by the PKIX certification
 path validation algorithm. | 
| X509Extension | Interface for an X.509 extension. | 
| Class | Description | 
|---|---|
| Certificate | Abstract class for managing a variety of identity certificates. | 
| Certificate.CertificateRep | Alternate Certificate class for serialization. | 
| CertificateFactory | This class defines the functionality of a certificate factory, which is
 used to generate certificate, certification path ( CertPath)
 and certificate revocation list (CRL) objects from their encodings. | 
| CertificateFactorySpi | This class defines the Service Provider Interface (SPI)
 for the  CertificateFactoryclass. | 
| CertPath | An immutable sequence of certificates (a certification path). | 
| CertPath.CertPathRep | Alternate  CertPathclass for serialization. | 
| CertPathBuilder | A class for building certification paths (also known as certificate chains). | 
| CertPathBuilderSpi | The Service Provider Interface (SPI)
 for the  CertPathBuilderclass. | 
| CertPathValidator | A class for validating certification paths (also known as certificate
 chains). | 
| CertPathValidatorSpi | The Service Provider Interface (SPI)
 for the  CertPathValidatorclass. | 
| CertStore | A class for retrieving  Certificates andCRLs
 from a repository. | 
| CertStoreSpi | The Service Provider Interface (SPI)
 for the  CertStoreclass. | 
| CollectionCertStoreParameters | Parameters used as input for the Collection  CertStorealgorithm. | 
| CRL | This class is an abstraction of certificate revocation lists (CRLs) that
 have different formats but important common uses. | 
| LDAPCertStoreParameters | Parameters used as input for the LDAP  CertStorealgorithm. | 
| PKIXBuilderParameters | Parameters used as input for the PKIX  CertPathBuilderalgorithm. | 
| PKIXCertPathBuilderResult | This class represents the successful result of the PKIX certification
 path builder algorithm. | 
| PKIXCertPathChecker | An abstract class that performs one or more checks on an
  X509Certificate. | 
| PKIXCertPathValidatorResult | This class represents the successful result of the PKIX certification
 path validation algorithm. | 
| PKIXParameters | Parameters used as input for the PKIX  CertPathValidatoralgorithm. | 
| PKIXRevocationChecker | A  PKIXCertPathCheckerfor checking the revocation status of
 certificates with the PKIX algorithm. | 
| PolicyQualifierInfo | An immutable policy qualifier represented by the ASN.1 PolicyQualifierInfo
 structure. | 
| TrustAnchor | A trust anchor or most-trusted Certification Authority (CA). | 
| X509Certificate | 
 Abstract class for X.509 certificates. | 
| X509CertSelector | A  CertSelectorthat selectsX509Certificatesthat
 match all specified criteria. | 
| X509CRL | 
 Abstract class for an X.509 Certificate Revocation List (CRL). | 
| X509CRLEntry | Abstract class for a revoked certificate in a CRL (Certificate
 Revocation List). | 
| X509CRLSelector | A  CRLSelectorthat selectsX509CRLsthat
 match all specified criteria. | 
| Enum | Description | 
|---|---|
| CertPathValidatorException.BasicReason | The BasicReason enumerates the potential reasons that a certification
 path of any type may be invalid. | 
| CRLReason | The CRLReason enumeration specifies the reason that a certificate
 is revoked, as defined in 
 RFC 3280: Internet X.509 Public Key Infrastructure Certificate and CRL
 Profile. | 
| PKIXReason | The  PKIXReasonenumerates the potential PKIX-specific reasons
 that an X.509 certification path may be invalid according to the PKIX
 (RFC 3280) standard. | 
| PKIXRevocationChecker.Option | Various revocation options that can be specified for the revocation
 checking mechanism. | 
| Exception | Description | 
|---|---|
| CertificateEncodingException | Certificate Encoding Exception. | 
| CertificateException | This exception indicates one of a variety of certificate problems. | 
| CertificateExpiredException | Certificate Expired Exception. | 
| CertificateNotYetValidException | Certificate is not yet valid exception. | 
| CertificateParsingException | Certificate Parsing Exception. | 
| CertificateRevokedException | An exception that indicates an X.509 certificate is revoked. | 
| CertPathBuilderException | An exception indicating one of a variety of problems encountered when
 building a certification path with a  CertPathBuilder. | 
| CertPathValidatorException | An exception indicating one of a variety of problems encountered when
 validating a certification path. | 
| CertStoreException | An exception indicating one of a variety of problems retrieving
 certificates and CRLs from a  CertStore. | 
| CRLException | CRL (Certificate Revocation List) Exception. | 
 Submit a bug or feature 
For further API reference and developer documentation, see Java SE Documentation. That documentation contains more detailed, developer-targeted descriptions, with conceptual overviews, definitions of terms, workarounds, and working code examples.
 Copyright © 1993, 2017, Oracle and/or its affiliates.  All rights reserved. Use is subject to license terms. Also see the documentation redistribution policy.