Name
TrustAnchor
Synopsis
A TrustAnchor
represents a certificate authority that
is trusted to “anchor” a
certificate chain. A TrustAnchor
object includes
the X.500 distinguished name of the CA and the public key of the CA.
You may specify the name and key explictly or by passing an
X509Certificate
to the TrustAnchor(
)
constructor. If you do not pass a certificate, you can
specify the CA name as a String
or as an
X500Principal
object from the
javax.security.auth.x500
package. All forms of the
TrustAnchor( )
constructor also allow you to
specify a byte array containing a binary representation of a
“Name Constraints” extension. The
format and meaning of such name constraints is beyond the scope of
this reference, and most applications can simply specify
null
for this constructor argument.
public class TrustAnchor { // Public Constructors public TrustAnchor(X509Certificate trustedCert, byte[ ] nameConstraints); 5.0 public TrustAnchor(javax.security.auth.x500.X500Principal caPrincipal, java.security.PublicKey pubKey, byte[ ] nameConstraints); public TrustAnchor(String caName, java.security.PublicKey pubKey, byte[ ] nameConstraints); // Public Instance Methods 5.0 public final javax.security.auth.x500.X500Principal getCA( ); public final String getCAName( ); public final java.security.PublicKey getCAPublicKey( ); public final byte[ ] getNameConstraints( ); public final X509Certificate getTrustedCert( ); // Public Methods Overriding Object public String toString( ); }
Passed To
PKIXCertPathBuilderResult.PKIXCertPathBuilderResult( ...
Get Java in a Nutshell, 5th Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.