| Package | Description | 
|---|---|
| java.security.cert | Provides classes and interfaces for parsing and managing
 certificates, certificate revocation lists (CRLs), and
 certification paths. | 
| javax.net.ssl | Provides classes for the secure socket package. | 
| javax.security.auth.x500 | This package contains the classes that should be used to store
 X500 Principal and X500 Private Credentials in a
 Subject. | 
| Modifier and Type | Method and Description | 
|---|---|
| X509Certificate | X509CertSelector. getCertificate()Returns the certificateEquals criterion. | 
| X509Certificate | X509CRLSelector. getCertificateChecking()Returns the certificate being checked. | 
| X509Certificate | PKIXRevocationChecker. getOcspResponderCert()Gets the OCSP responder's certificate. | 
| X509Certificate | TrustAnchor. getTrustedCert()Returns the most-trusted CA certificate. | 
| Modifier and Type | Method and Description | 
|---|---|
| Map<X509Certificate,byte[]> | PKIXRevocationChecker. getOcspResponses()Gets the OCSP responses. | 
| Modifier and Type | Method and Description | 
|---|---|
| X509CRLEntry | X509CRL. getRevokedCertificate(X509Certificate certificate)Get the CRL entry, if any, for the given certificate. | 
| void | X509CertSelector. setCertificate(X509Certificate cert)Sets the certificateEquals criterion. | 
| void | X509CRLSelector. setCertificateChecking(X509Certificate cert)Sets the certificate being checked. | 
| void | PKIXRevocationChecker. setOcspResponderCert(X509Certificate cert)Sets the OCSP responder's certificate. | 
| Modifier and Type | Method and Description | 
|---|---|
| void | PKIXRevocationChecker. setOcspResponses(Map<X509Certificate,byte[]> responses)Sets the OCSP responses. | 
| Constructor and Description | 
|---|
| TrustAnchor(X509Certificate trustedCert,
           byte[] nameConstraints)Creates an instance of  TrustAnchorwith the specifiedX509Certificateand optional name constraints, which
 are intended to be used as additional constraints when validating
 an X.509 certification path. | 
| Modifier and Type | Method and Description | 
|---|---|
| X509Certificate[] | X509TrustManager. getAcceptedIssuers()Return an array of certificate authority certificates
 which are trusted for authenticating peers. | 
| X509Certificate[] | X509KeyManager. getCertificateChain(String alias)Returns the certificate chain associated with the given alias. | 
| Modifier and Type | Method and Description | 
|---|---|
| void | X509TrustManager. checkClientTrusted(X509Certificate[] chain,
                  String authType)Given the partial or complete certificate chain provided by the
 peer, build a certificate path to a trusted root and return if
 it can be validated and is trusted for client SSL
 authentication based on the authentication type. | 
| abstract void | X509ExtendedTrustManager. checkClientTrusted(X509Certificate[] chain,
                  String authType,
                  Socket socket)Given the partial or complete certificate chain provided by the
 peer, build and validate the certificate path based on the
 authentication type and ssl parameters. | 
| abstract void | X509ExtendedTrustManager. checkClientTrusted(X509Certificate[] chain,
                  String authType,
                  SSLEngine engine)Given the partial or complete certificate chain provided by the
 peer, build and validate the certificate path based on the
 authentication type and ssl parameters. | 
| void | X509TrustManager. checkServerTrusted(X509Certificate[] chain,
                  String authType)Given the partial or complete certificate chain provided by the
 peer, build a certificate path to a trusted root and return if
 it can be validated and is trusted for server SSL
 authentication based on the authentication type. | 
| abstract void | X509ExtendedTrustManager. checkServerTrusted(X509Certificate[] chain,
                  String authType,
                  Socket socket)Given the partial or complete certificate chain provided by the
 peer, build and validate the certificate path based on the
 authentication type and ssl parameters. | 
| abstract void | X509ExtendedTrustManager. checkServerTrusted(X509Certificate[] chain,
                  String authType,
                  SSLEngine engine)Given the partial or complete certificate chain provided by the
 peer, build and validate the certificate path based on the
 authentication type and ssl parameters. | 
| Modifier and Type | Method and Description | 
|---|---|
| X509Certificate | X500PrivateCredential. getCertificate()Returns the X.509 certificate. | 
| Constructor and Description | 
|---|
| X500PrivateCredential(X509Certificate cert,
                     PrivateKey key)Creates an X500PrivateCredential that associates an X.509 certificate,
 a private key and the KeyStore alias. | 
| X500PrivateCredential(X509Certificate cert,
                     PrivateKey key,
                     String alias)Creates an X500PrivateCredential that associates an X.509 certificate,
 a private key and the KeyStore alias. | 
 Submit a bug or feature 
For further API reference and developer documentation, see Java SE Documentation. That documentation contains more detailed, developer-targeted descriptions, with conceptual overviews, definitions of terms, workarounds, and working code examples.
 Copyright © 1993, 2017, Oracle and/or its affiliates.  All rights reserved. Use is subject to license terms. Also see the documentation redistribution policy.