Certificate (Java SE 11 & JDK 11 ) (original) (raw)
- java.security.cert.Certificate
All Implemented Interfaces:
[Serializable](../../io/Serializable.html "interface in java.io")
Direct Known Subclasses:[X509Certificate](X509Certificate.html "class in java.security.cert")
public abstract class Certificate
extends Object
implements Serializable
Abstract class for managing a variety of identity certificates. An identity certificate is a binding of a principal to a public key which is vouched for by another principal. (A principal represents an entity such as an individual user, a group, or a corporation.)
This class is an abstraction for certificates that have different formats but important common uses. For example, different types of certificates, such as X.509 and PGP, share general certificate functionality (like encoding and verifying) and some types of information (like a public key).
X.509, PGP, and SDSI certificates can all be implemented by subclassing the Certificate class, even though they contain different sets of information, and they store and retrieve the information in different ways.
Since:
1.2
See Also:
X509Certificate, CertificateFactory, Serialized Form
Nested Class Summary
Nested Classes
Modifier and Type Class Description protected static class Certificate.CertificateRep Alternate Certificate class for serialization. Constructor Summary
Constructors
Modifier Constructor Description protected Certificate(String type) Creates a certificate of the specified type. Method Summary
All Methods Instance Methods Abstract Methods Concrete Methods
Modifier and Type Method Description boolean equals(Object other) Compares this certificate for equality with the specified object. abstract byte[] getEncoded() Returns the encoded form of this certificate. abstract PublicKey getPublicKey() Gets the public key from this certificate. String getType() Returns the type of this certificate. int hashCode() Returns a hashcode value for this certificate from its encoded form. abstract String toString() Returns a string representation of this certificate. abstract void verify(PublicKey key) Verifies that this certificate was signed using the private key that corresponds to the specified public key. abstract void verify(PublicKey key,String sigProvider) Verifies that this certificate was signed using the private key that corresponds to the specified public key. void verify(PublicKey key,Provider sigProvider) Verifies that this certificate was signed using the private key that corresponds to the specified public key. protected Object writeReplace() Replace the Certificate to be serialized. * ### Methods declared in class java.lang.[Object](../../lang/Object.html "class in java.lang") `[clone](../../lang/Object.html#clone%28%29), [finalize](../../lang/Object.html#finalize%28%29), [getClass](../../lang/Object.html#getClass%28%29), [notify](../../lang/Object.html#notify%28%29), [notifyAll](../../lang/Object.html#notifyAll%28%29), [wait](../../lang/Object.html#wait%28%29), [wait](../../lang/Object.html#wait%28long%29), [wait](../../lang/Object.html#wait%28long,int%29)`Constructor Detail
* #### Certificate protected Certificate([String](../../lang/String.html "class in java.lang") type) Creates a certificate of the specified type. Parameters: `type` \- the standard name of the certificate type. See the CertificateFactory section in the [ Java Security Standard Algorithm Names Specification](../../../../../specs/security/standard-names.html#certificatefactory-types) for information about standard certificate types.Method Detail
* #### getType public final [String](../../lang/String.html "class in java.lang") getType() Returns the type of this certificate. Returns: the type of this certificate. * #### equals public boolean equals([Object](../../lang/Object.html "class in java.lang") other) Compares this certificate for equality with the specified object. If the `other` object is an`instanceof` `Certificate`, then its encoded form is retrieved and compared with the encoded form of this certificate. Overrides: `[equals](../../lang/Object.html#equals%28java.lang.Object%29)` in class `[Object](../../lang/Object.html "class in java.lang")` Parameters: `other` \- the object to test for equality with this certificate. Returns: true iff the encoded forms of the two certificates match, false otherwise. See Also: [Object.hashCode()](../../lang/Object.html#hashCode%28%29), [HashMap](../../util/HashMap.html "class in java.util") * #### hashCode public int hashCode() Returns a hashcode value for this certificate from its encoded form. Overrides: `[hashCode](../../lang/Object.html#hashCode%28%29)` in class `[Object](../../lang/Object.html "class in java.lang")` Returns: the hashcode value. See Also: [Object.equals(java.lang.Object)](../../lang/Object.html#equals%28java.lang.Object%29), [System.identityHashCode(java.lang.Object)](../../lang/System.html#identityHashCode%28java.lang.Object%29) * #### getEncoded public abstract byte[] getEncoded() throws [CertificateEncodingException](CertificateEncodingException.html "class in java.security.cert") Returns the encoded form of this certificate. It is assumed that each certificate type would have only a single form of encoding; for example, X.509 certificates would be encoded as ASN.1 DER. Returns: the encoded form of this certificate Throws: `[CertificateEncodingException](CertificateEncodingException.html "class in java.security.cert")` \- if an encoding error occurs. * #### verify public abstract void verify([PublicKey](../PublicKey.html "interface in java.security") key) throws [CertificateException](CertificateException.html "class in java.security.cert"), [NoSuchAlgorithmException](../NoSuchAlgorithmException.html "class in java.security"), [InvalidKeyException](../InvalidKeyException.html "class in java.security"), [NoSuchProviderException](../NoSuchProviderException.html "class in java.security"), [SignatureException](../SignatureException.html "class in java.security") Verifies that this certificate was signed using the private key that corresponds to the specified public key. Parameters: `key` \- the PublicKey used to carry out the verification. Throws: `[NoSuchAlgorithmException](../NoSuchAlgorithmException.html "class in java.security")` \- on unsupported signature algorithms. `[InvalidKeyException](../InvalidKeyException.html "class in java.security")` \- on incorrect key. `[NoSuchProviderException](../NoSuchProviderException.html "class in java.security")` \- if there's no default provider. `[SignatureException](../SignatureException.html "class in java.security")` \- on signature errors. `[CertificateException](CertificateException.html "class in java.security.cert")` \- on encoding errors. * #### verify public abstract void verify([PublicKey](../PublicKey.html "interface in java.security") key, [String](../../lang/String.html "class in java.lang") sigProvider) throws [CertificateException](CertificateException.html "class in java.security.cert"), [NoSuchAlgorithmException](../NoSuchAlgorithmException.html "class in java.security"), [InvalidKeyException](../InvalidKeyException.html "class in java.security"), [NoSuchProviderException](../NoSuchProviderException.html "class in java.security"), [SignatureException](../SignatureException.html "class in java.security") Verifies that this certificate was signed using the private key that corresponds to the specified public key. This method uses the signature verification engine supplied by the specified provider. Parameters: `key` \- the PublicKey used to carry out the verification. `sigProvider` \- the name of the signature provider. Throws: `[NoSuchAlgorithmException](../NoSuchAlgorithmException.html "class in java.security")` \- on unsupported signature algorithms. `[InvalidKeyException](../InvalidKeyException.html "class in java.security")` \- on incorrect key. `[NoSuchProviderException](../NoSuchProviderException.html "class in java.security")` \- on incorrect provider. `[SignatureException](../SignatureException.html "class in java.security")` \- on signature errors. `[CertificateException](CertificateException.html "class in java.security.cert")` \- on encoding errors. * #### verify public void verify([PublicKey](../PublicKey.html "interface in java.security") key, [Provider](../Provider.html "class in java.security") sigProvider) throws [CertificateException](CertificateException.html "class in java.security.cert"), [NoSuchAlgorithmException](../NoSuchAlgorithmException.html "class in java.security"), [InvalidKeyException](../InvalidKeyException.html "class in java.security"), [SignatureException](../SignatureException.html "class in java.security") Verifies that this certificate was signed using the private key that corresponds to the specified public key. This method uses the signature verification engine supplied by the specified provider. Note that the specified Provider object does not have to be registered in the provider list. This method was added to version 1.8 of the Java Platform Standard Edition. In order to maintain backwards compatibility with existing service providers, this method cannot be `abstract` and by default throws an `UnsupportedOperationException`. Parameters: `key` \- the PublicKey used to carry out the verification. `sigProvider` \- the signature provider. Throws: `[NoSuchAlgorithmException](../NoSuchAlgorithmException.html "class in java.security")` \- on unsupported signature algorithms. `[InvalidKeyException](../InvalidKeyException.html "class in java.security")` \- on incorrect key. `[SignatureException](../SignatureException.html "class in java.security")` \- on signature errors. `[CertificateException](CertificateException.html "class in java.security.cert")` \- on encoding errors. `[UnsupportedOperationException](../../lang/UnsupportedOperationException.html "class in java.lang")` \- if the method is not supported Since: 1.8 * #### toString public abstract [String](../../lang/String.html "class in java.lang") toString() Returns a string representation of this certificate. Overrides: `[toString](../../lang/Object.html#toString%28%29)` in class `[Object](../../lang/Object.html "class in java.lang")` Returns: a string representation of this certificate. * #### getPublicKey public abstract [PublicKey](../PublicKey.html "interface in java.security") getPublicKey() Gets the public key from this certificate. Returns: the public key. * #### writeReplace protected [Object](../../lang/Object.html "class in java.lang") writeReplace() throws [ObjectStreamException](../../io/ObjectStreamException.html "class in java.io") Replace the Certificate to be serialized. Returns: the alternate Certificate object to be serialized Throws: `[ObjectStreamException](../../io/ObjectStreamException.html "class in java.io")` \- if a new object representing this Certificate could not be created Since: 1.3
Report a bug or suggest an enhancement
For further API reference and developer documentation see the Java SE Documentation, which contains more detailed, developer-targeted descriptions with conceptual overviews, definitions of terms, workarounds, and working code examples.
Java is a trademark or registered trademark of Oracle and/or its affiliates in the US and other countries.
Copyright © 1993, 2025, Oracle and/or its affiliates, 500 Oracle Parkway, Redwood Shores, CA 94065 USA.
All rights reserved. Use is subject to license terms and the documentation redistribution policy.