Class X509CertificateBuilder
java.lang.Object
eu.europa.esig.dss.pki.jaxb.builder.X509CertificateBuilder
Builds a
eu.europa.esig.dss.model.x509.CertificateToken-
Constructor Summary
ConstructorsConstructorDescriptionDefault constructor to create an empty instance of X509CertificateBuilder. -
Method Summary
Modifier and TypeMethodDescriptionbuild()Builds a certificate tokenca(boolean ca) Sets whether the certificate is a CA certificateSets the AIA CA Issuers distribution point URLcertificatePolicies(List<String> certificatePolicies) Sets the certificate policies for the certificateSets the CRL distribution point URLextendedKeyUsages(List<String> extendedKeyUsages) Adds extended key usages certificate extensionissuer(CertificateToken issuerCertificate, PrivateKey issuerPrivateKey, SignatureAlgorithm signatureAlgorithm) Sets mandatory information about the certificate's issuer to sign the created certificate with a CertificateToken of the issuerissuer(org.bouncycastle.asn1.x500.X500Name issuerName, PrivateKey issuerPrivateKey, SignatureAlgorithm signatureAlgorithm) Sets mandatory information about the certificate's issuer to sign the created certificatekeyUsages(List<KeyUsageBit> keyUsages) Sets the key usages for the certificateSets mandatory information about the certificate's notAfter fieldSets mandatory information about the certificate's notBefore fieldSets the OCSP access point URLocspNoCheck(boolean ocspNoCheck) Sets whether the ocsp-no-check extension shall be presentqcCClegislations(List<String> qcCClegislations) Sets the QcCCLegislation IdsqcStatements(List<String> qcStatements) Sets the QcStatement IdsSets the QcType Idssubject(org.bouncycastle.asn1.x500.X500Name subjectName, BigInteger serialNumber, PublicKey publicKey) Sets mandatory information about the certificate
-
Constructor Details
-
X509CertificateBuilder
public X509CertificateBuilder()Default constructor to create an empty instance of X509CertificateBuilder. Methods#subjectandissuershall be called at minimum to create aX509CertificateHolder
-
-
Method Details
-
subject
public X509CertificateBuilder subject(org.bouncycastle.asn1.x500.X500Name subjectName, BigInteger serialNumber, PublicKey publicKey) Sets mandatory information about the certificate- Parameters:
subjectName-X500Namerepresenting a DN subject name of the certificate to be createdserialNumber-BigIntegerrepresenting a certificate's serial numberpublicKey-PublicKeyof the certificate to be created- Returns:
X509CertificateBuilderthis
-
issuer
public X509CertificateBuilder issuer(org.bouncycastle.asn1.x500.X500Name issuerName, PrivateKey issuerPrivateKey, SignatureAlgorithm signatureAlgorithm) Sets mandatory information about the certificate's issuer to sign the created certificate- Parameters:
issuerName-X500Namerepresenting a DN issuer name of the certificate to be createdissuerPrivateKey-PrivateKeyof the issuer certificate to sign the certificatesignatureAlgorithm-SignatureAlgorithmto be used on signature creation- Returns:
X509CertificateBuilderthis
-
issuer
public X509CertificateBuilder issuer(CertificateToken issuerCertificate, PrivateKey issuerPrivateKey, SignatureAlgorithm signatureAlgorithm) Sets mandatory information about the certificate's issuer to sign the created certificate with a CertificateToken of the issuer- Parameters:
issuerCertificate-CertificateTokenrepresenting a certificate token of the issuerissuerPrivateKey-PrivateKeyof the issuer certificate to sign the certificatesignatureAlgorithm-SignatureAlgorithmto be used on signature creation- Returns:
X509CertificateBuilderthis
-
notBefore
Sets mandatory information about the certificate's notBefore field- Parameters:
notBefore-Daterepresenting a certificate's notBefore time- Returns:
X509CertificateBuilderthis
-
notAfter
Sets mandatory information about the certificate's notAfter field- Parameters:
notAfter-Daterepresenting a certificate's notAfter time- Returns:
X509CertificateBuilderthis
-
keyUsages
Sets the key usages for the certificate- Parameters:
keyUsages- a list ofKeyUsageBits- Returns:
X509CertificateBuilderthis
-
certificatePolicies
Sets the certificate policies for the certificate- Parameters:
certificatePolicies- a list ofStringcertificate policy identifiers- Returns:
X509CertificateBuilderthis
-
qcStatements
Sets the QcStatement Ids- Parameters:
qcStatements- a list ofStringqcStatement identifiers- Returns:
X509CertificateBuilderthis
-
qcTypes
Sets the QcType Ids- Parameters:
qcTypes- a list ofStringqcType identifiers- Returns:
X509CertificateBuilderthis
-
qcCClegislations
Sets the QcCCLegislation Ids- Parameters:
qcCClegislations- a list ofStringqcCCLegislation identifiers- Returns:
X509CertificateBuilderthis
-
ca
Sets whether the certificate is a CA certificate- Parameters:
ca- whether the certificate is a CA certificate- Returns:
X509CertificateBuilderthis
-
ocspNoCheck
Sets whether the ocsp-no-check extension shall be present- Parameters:
ocspNoCheck- whether the ocsp-no-check extension shall be present- Returns:
X509CertificateBuilderthis
-
extendedKeyUsages
Adds extended key usages certificate extension- Parameters:
extendedKeyUsages- a list ofStringOIDs- Returns:
X509CertificateBuilderthis
-
crl
Sets the CRL distribution point URL- Parameters:
crlUrl-String- Returns:
X509CertificateBuilderthis
-
ocsp
Sets the OCSP access point URL- Parameters:
ocspUrl-String- Returns:
X509CertificateBuilderthis
-
caIssuers
Sets the AIA CA Issuers distribution point URL- Parameters:
caIssuersUrl-String- Returns:
X509CertificateBuilderthis
-
build
public CertificateToken build() throws org.bouncycastle.operator.OperatorCreationException, IOExceptionBuilds a certificate token- Returns:
CertificateToken- Throws:
org.bouncycastle.operator.OperatorCreationException- if an error on certificate signing occursIOException- if an error on certificate's content creation occurs
-