private X509Certificate generateCertificate(X500Principal subject, PublicKey subjectPublic, X500Principal issuer, PublicKey issuerPublicKey, PrivateKey issuerPrivateKey, boolean isCaCert) throws CertificateException {
try {
final Date notBefore = new Date();
final Date notAfter = new Date(notBefore.getTime() + DEFAULT_VALIDITY);
final CertificateSigner signer = createCertificateSigner(issuer, issuerPrivateKey);
final CertificateValidity validity = new CertificateValidity(notBefore, notAfter);
final X509CertInfo info = createCertificateInfo(subject, subjectPublic, issuer, issuerPublicKey, validity, signer);
final CertificateExtensions extensions = (isCaCert) ? (getCACertificateExtensions()) : (getCertificateExtensions(subjectPublic, issuerPublicKey));
info.set(X509CertInfo.EXTENSIONS, extensions);
final X509CertImpl cert = new X509CertImpl(info);
cert.sign(issuerPrivateKey, SIGNATURE_ALGORITHM);