This abstract class represents an public-key (or identity) certificate. A certificate is an object that contains the name of an entity and a public key for that entity. Certificates are issued by, and bear the digital signature of, a (presumably trusted) third party, typically a certificate authority (CA). By issuing and signing the certificate, the CA is certifying that, based on their research, the entity named on the certificate really is who they say they are and that the public key in the certificate really does belong to that entity. Sometimes the signer of a certificate is not a trusted CA, and the certificate is accompanied by the signer's certificate which may be signed by a CA, or by another untrusted intermediary who provides his or her own certificate. A "chain" of such certificates is known as a "certification path". See CertPath for further details.

Use a CertificateFactory to parse a stream of bytes into a Certificate object; getEncoded( ) reverses this process. Use verify( ) to verify the digital signature of the entity that issued the certificate. If the signature cannot be verified, the certificate should not be trusted. Call getPublicKey( ) to obtain the java.security.PublicKey of the subject of the certificate. Note that this class does not define a method for obtaining the Principal that is associated with the PublicKey. That functionality is dependent on the type of the certificate. See X509Certificate.getSubjectDN( ), for example.

Do not confuse this class with the java.security.Certificate interface that was defined in Java 1.1 and has been deprecated in Java 1.2.

Figure 14-47. java.security.cert.Certificate

public abstract class Certificate implements Serializable {
// Protected Constructors
     protected Certificate(String type);  
// Nested Types
1.3  protected static class CertificateRep implements Serializable; 
// Public Instance Methods
     public abstract byte[ ] getEncoded( ) throws CertificateEncodingException;  
     public abstract java.security.PublicKey getPublicKey( );  
     public final String getType( );  
     public abstract void verify(java.security.PublicKey key) 
        throws CertificateException, java.security.NoSuchAlgorithmException, 
        java.security.InvalidKeyException, java.security.NoSuchProviderException, java.security.SignatureException;  
     public abstract void verify(java.security.PublicKey key, String sigProvider) 
        throws CertificateException, java.security.NoSuchAlgorithmException, 
        java.security.InvalidKeyException, java.security.NoSuchProviderException, java.security.SignatureException;  
// Public Methods Overriding Object
     public boolean equals(Object other);  
     public int hashCode( );  
     public abstract String toString( );  
// Protected Instance Methods
1.3  protected Object writeReplace( ) throws java.io.ObjectStreamException;  
}

Subclasses

X509Certificate

Passed To

Too many methods to list.

Returned By

Too many methods to list.