This provides some simple certificate management functionality. Specifically, it allows you to create self-signed X.509 certificates as well as PKCS 10 based certificate signing requests.
Keys for some public key signature algorithms have algorithm parameters, such as DSS/DSA. Some sites' Certificate Authorities adopt fixed algorithm parameters, which speeds up some operations including key generation and signing. At this time, this interface does not provide a way to provide such algorithm parameters, e.g. by providing the CA certificate which includes those parameters.
Also, note that at this time only signature-capable keys may be acquired through this interface. Diffie-Hellman keys, used for secure key exchange, may be supported later. @author David Brownell @author Hemma Prafullchandra @see PKCS10 @see X509CertImpl
|
|