|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectcom.ibm.security.certclient.util.PkSsCertFactory
public final class PkSsCertFactory
Generate a self-signed certificate.
Method Summary | |
---|---|
static PkSsCertificate |
newSsCert(int keySize,
String subjectDN,
int numValidDays,
boolean useRSA,
boolean useShortSubjectKId,
List<String> subjectAltNames,
List<String> kUsage,
List<String> extKUsage,
String provider)
Create a self-signed certificate with supplied extensions |
static PkSsCertificate |
newSsCert(int keySize,
String subjectDN,
int numValidDays,
boolean useRSA,
boolean useShortSubjectKId,
List<String> subjectAltNames,
List<String> kUsage,
List<String> extKUsage,
String provider,
KeyPair keyPair)
Create a self-signed certificate with supplied extensions |
static PkSsCertificate |
newSsCert(int keySize,
String subjectDN,
int numValidDays,
boolean useRSA,
boolean useShortSubjectKId,
String provider)
Create a self-signed certificate without any supplied extensions |
static PkSsCertificate |
newSsCert(int keySize,
String subjectDN,
int numValidDays,
boolean useRSA,
boolean useShortSubjectKId,
String provider,
KeyPair keyPair)
Create a self-signed certificate without any supplied extensions |
static PkSsCertificate |
newSsCert(int keySize,
String subjectDN,
int numValidDays,
Date notBefore,
boolean useRSA,
boolean useShortSubjectKId,
List<String> subjectAltNames,
List<String> kUsage,
List<String> extKUsage,
String provider)
Create a self-signed certificate with supplied extensions |
static PkSsCertificate |
newSsCert(int keySize,
String subjectDN,
int numValidDays,
Date notBefore,
boolean useRSA,
boolean useShortSubjectKId,
List<String> subjectAltNames,
List<String> kUsage,
List<String> extKUsage,
String provider,
KeyPair keyPair)
Create a self-signed certificate with supplied extensions |
static PkSsCertificate |
newSsCert(int keySize,
String subjectDN,
int numValidDays,
Date notBefore,
boolean useRSA,
boolean useShortSubjectKId,
List<String> subjectAltNames,
List<String> kUsage,
List<String> extKUsage,
String provider,
KeyPair keyPair,
boolean CA)
Create a self-signed certificate with supplied extensions |
static PkSsCertificate |
newSsCert(int keySize,
String subjectDN,
int numValidDays,
Date notBefore,
boolean useRSA,
boolean useShortSubjectKId,
String provider)
Create a self-signed certificate without any supplied extensions |
static PkSsCertificate |
newSsCert(int keySize,
String subjectDN,
int numValidDays,
Date notBefore,
boolean useRSA,
boolean useShortSubjectKId,
String provider,
KeyPair keyPair)
Create a self-signed certificate without any supplied extensions |
static PkSsCertificate |
newSsCert(String subjectDN)
Most simple way to generate a self-signed certificate. |
static PkSsCertificate |
newSsCert(String subjectDN,
Date notBefore)
Most simple way to generate a self-signed certificate. |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Method Detail |
---|
public static PkSsCertificate newSsCert(String subjectDN) throws com.ibm.security.certclient.base.PkRejectionException
subjectDN
- Distinguished name which will be both subject and issuer for
this certificate
com.ibm.security.certclient.base.PkRejectionException
public static PkSsCertificate newSsCert(String subjectDN, Date notBefore) throws com.ibm.security.certclient.base.PkRejectionException
subjectDN
- Distinguished name which will be both subject and issuer for
this certificatenotBefore
- Date that this certificate valitity begins. Must be no greater
than 3 days prior to the issuing UTC time. If null,
current Date will be used.
com.ibm.security.certclient.base.PkRejectionException
public static PkSsCertificate newSsCert(int keySize, String subjectDN, int numValidDays, boolean useRSA, boolean useShortSubjectKId, String provider) throws com.ibm.security.certclient.base.PkRejectionException
keySize
- size of key.subjectDN
- Distinguished name which will be both subject and issuer for
this certificatenumValidDays
- period of certificate validity. Will be measured from current
date.useRSA
- if true use RSA key with SHA1withRSA signature algorithm else
DSA with SHA1withDSA algorithmuseShortSubjectKId
- if true use short form of Subject Key Id else use long formprovider
- name of crypto provider
com.ibm.security.certclient.base.PkRejectionException
public static PkSsCertificate newSsCert(int keySize, String subjectDN, int numValidDays, Date notBefore, boolean useRSA, boolean useShortSubjectKId, String provider) throws com.ibm.security.certclient.base.PkRejectionException
keySize
- size of key.subjectDN
- Distinguished name which will be both subject and issuer for
this certificatenumValidDays
- period of certificate validity. Will be measured from notBefore
date.notBefore
- Date that this certificate valitity begins. Must be no greater
than 3 days prior to the issuing UTC time. If null,
current Date will be used.useRSA
- if true use RSA key with SHA1withRSA signature algorithm else
DSA with SHA1withDSA algorithmuseShortSubjectKId
- if true use short form of Subject Key Id else use long formprovider
- name of crypto provider
com.ibm.security.certclient.base.PkRejectionException
public static PkSsCertificate newSsCert(int keySize, String subjectDN, int numValidDays, boolean useRSA, boolean useShortSubjectKId, String provider, KeyPair keyPair) throws com.ibm.security.certclient.base.PkRejectionException
keySize
- size of key. Not used if keyPair is provided.subjectDN
- Distinguished name which will be both subject and issuer for
this certificatenumValidDays
- period of certificaate validity. Will be measured from current
date.useRSA
- if true use RSA key with SHA1withRSA signature algorithm else
DSA with SHA1withDSA algorithm
Not used if keyPair is provided.useShortSubjectKId
- if true use short form of Subject Key Id else use long formprovider
- name of crypto providerkeyPair
- keypair to use for private/public key
com.ibm.security.certclient.base.PkRejectionException
public static PkSsCertificate newSsCert(int keySize, String subjectDN, int numValidDays, Date notBefore, boolean useRSA, boolean useShortSubjectKId, String provider, KeyPair keyPair) throws com.ibm.security.certclient.base.PkRejectionException
keySize
- size of key. Not used if keyPair is provided.subjectDN
- Distinguished name which will be both subject and issuer for
this certificatenumValidDays
- period of certificaate validity. Will be measured from notBefore
date.notBefore
- Date that this certificate valitity begins. Must be no greater
than 3 days prior to the issuing UTC time. If null,
current Date will be used.useRSA
- if true use RSA key with SHA1withRSA signature algorithm else
DSA with SHA1withDSA algorithm
Not used if keyPair is provided.useShortSubjectKId
- if true use short form of Subject Key Id else use long formprovider
- name of crypto providerkeyPair
- keypair to use for private/public key
com.ibm.security.certclient.base.PkRejectionException
public static PkSsCertificate newSsCert(int keySize, String subjectDN, int numValidDays, boolean useRSA, boolean useShortSubjectKId, List<String> subjectAltNames, List<String> kUsage, List<String> extKUsage, String provider) throws com.ibm.security.certclient.base.PkRejectionException
keySize
- size of key.subjectDN
- Distinguished name which will be both subject and issuer for
this certificatenumValidDays
- period of certificaate validity. Will be measured from current
date.useRSA
- if true use RSA key with SHA1withRSA signature algorithm else
DSA with SHA1withDSA algorithmuseShortSubjectKId
- if true use short form of Subject Key Id else use long formsubjectAltNames
- (optional)list of subject alternate names. Specify null to
indicate that no value is being specified.
kUsage
- (optional)list of Key Usage strings. Acceptable values are-
"digital_signature" "non_repudiation" "key_encipherment"
"data_encipherment" "encipher_only" "decipher_only"extKUsage
- (optional)list of Extended Key Usage strings. Acceptable
values are- "ServerAuth_Id" "ClientAuth_Id" "CodeSigning_Id"
"EmailProtection_Id" "IPSecEndSystem_Id" "IPSecTunnel_Id"
"IPSecUser_Id" "TimeStamping_Id"provider
- name of crypto provider
com.ibm.security.certclient.base.PkRejectionException
public static PkSsCertificate newSsCert(int keySize, String subjectDN, int numValidDays, Date notBefore, boolean useRSA, boolean useShortSubjectKId, List<String> subjectAltNames, List<String> kUsage, List<String> extKUsage, String provider) throws com.ibm.security.certclient.base.PkRejectionException
keySize
- size of key.subjectDN
- Distinguished name which will be both subject and issuer for
this certificatenumValidDays
- period of certificaate validity. Will be measured from notBefore
date.notBefore
- Date that this certificate valitity begins. Must be no greater
than 3 days prior to the issuing UTC time. If null,
current Date will be used.useRSA
- if true use RSA key with SHA1withRSA signature algorithm else
DSA with SHA1withDSA algorithmuseShortSubjectKId
- if true use short form of Subject Key Id else use long formsubjectAltNames
- (optional)list of subject alternate names. Specify null to
indicate that no value is being specified.
kUsage
- (optional)list of Key Usage strings. Acceptable values are-
"digital_signature" "non_repudiation" "key_encipherment"
"data_encipherment" "encipher_only" "decipher_only"extKUsage
- (optional)list of Extended Key Usage strings. Acceptable
values are- "ServerAuth_Id" "ClientAuth_Id" "CodeSigning_Id"
"EmailProtection_Id" "IPSecEndSystem_Id" "IPSecTunnel_Id"
"IPSecUser_Id" "TimeStamping_Id"provider
- name of crypto provider
com.ibm.security.certclient.base.PkRejectionException
public static PkSsCertificate newSsCert(int keySize, String subjectDN, int numValidDays, boolean useRSA, boolean useShortSubjectKId, List<String> subjectAltNames, List<String> kUsage, List<String> extKUsage, String provider, KeyPair keyPair) throws com.ibm.security.certclient.base.PkRejectionException
keySize
- size of key. Not used if keyPair is provided.subjectDN
- Distinguished name which will be both subject and issuer for
this certificatenumValidDays
- period of certificaate validity. Will be measured from current
date.useRSA
- if true use RSA key with SHA1withRSA signature algorithm else
DSA with SHA1withDSA algorithm
Not used if keyPair is provided.useShortSubjectKId
- if true use short form of Subject Key Id else use long formsubjectAltNames
- (optional)list of subject alternate names. Specify null to
indicate that no value is being specified.
kUsage
- (optional)list of Key Usage strings. Acceptable values are-
"digital_signature" "non_repudiation" "key_encipherment"
"data_encipherment" "encipher_only" "decipher_only"extKUsage
- (optional)list of Extended Key Usage strings. Acceptable
values are- "ServerAuth_Id" "ClientAuth_Id" "CodeSigning_Id"
"EmailProtection_Id" "IPSecEndSystem_Id" "IPSecTunnel_Id"
"IPSecUser_Id" "TimeStamping_Id"provider
- name of crypto providerkeyPair
- keypair to use for private/public keys
if null, keypair will be generated
com.ibm.security.certclient.base.PkRejectionException
public static PkSsCertificate newSsCert(int keySize, String subjectDN, int numValidDays, Date notBefore, boolean useRSA, boolean useShortSubjectKId, List<String> subjectAltNames, List<String> kUsage, List<String> extKUsage, String provider, KeyPair keyPair) throws com.ibm.security.certclient.base.PkRejectionException
keySize
- size of key. Not used if keyPair is provided.subjectDN
- Distinguished name which will be both subject and issuer for
this certificatenumValidDays
- period of certificaate validity. Will be measured from notBefore
date.notBefore
- Date that this certificate valitity begins. Must be no greater
than 3 days prior to the issuing UTC time. If null,
current Date will be used.useRSA
- if true use RSA key with SHA1withRSA signature algorithm else
DSA with SHA1withDSA algorithm
Not used if keyPair is provided.useShortSubjectKId
- if true use short form of Subject Key Id else use long formsubjectAltNames
- (optional)list of subject alternate names. Specify null to
indicate that no value is being specified.
kUsage
- (optional)list of Key Usage strings. Acceptable values are-
"digital_signature" "non_repudiation" "key_encipherment"
"data_encipherment" "encipher_only" "decipher_only"extKUsage
- (optional)list of Extended Key Usage strings. Acceptable
values are- "ServerAuth_Id" "ClientAuth_Id" "CodeSigning_Id"
"EmailProtection_Id" "IPSecEndSystem_Id" "IPSecTunnel_Id"
"IPSecUser_Id" "TimeStamping_Id"provider
- name of crypto providerkeyPair
- keypair to use for private/public keys
if null, keypair will be generated
com.ibm.security.certclient.base.PkRejectionException
public static PkSsCertificate newSsCert(int keySize, String subjectDN, int numValidDays, Date notBefore, boolean useRSA, boolean useShortSubjectKId, List<String> subjectAltNames, List<String> kUsage, List<String> extKUsage, String provider, KeyPair keyPair, boolean CA) throws com.ibm.security.certclient.base.PkRejectionException
keySize
- size of key. Not used if keyPair is provided.subjectDN
- Distinguished name which will be both subject and issuer for
this certificatenumValidDays
- period of certificaate validity. Will be measured from notBefore
date.notBefore
- Date that this certificate valitity begins. Must be no greater
than 3 days prior to the issuing UTC time. If null,
current Date will be used.useRSA
- if true use RSA key with SHA1withRSA signature algorithm else
DSA with SHA1withDSA algorithm
Not used if keyPair is provided.useShortSubjectKId
- if true use short form of Subject Key Id else use long formsubjectAltNames
- (optional)list of subject alternate names. Specify null to
indicate that no value is being specified.
kUsage
- (optional)list of Key Usage strings. Acceptable values are-
"digital_signature" "non_repudiation" "key_encipherment"
"data_encipherment" "encipher_only" "decipher_only"extKUsage
- (optional)list of Extended Key Usage strings. Acceptable
values are- "ServerAuth_Id" "ClientAuth_Id" "CodeSigning_Id"
"EmailProtection_Id" "IPSecEndSystem_Id" "IPSecTunnel_Id"
"IPSecUser_Id" "TimeStamping_Id"provider
- name of crypto providerkeyPair
- keypair to use for private/public keys
if null, keypair will be generatedCA
- true - create this certificate as a CA with basic constraints
false - create this certificate as an end-user without basic constraints
com.ibm.security.certclient.base.PkRejectionException
|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |