certGen.setNotBefore( startDate );
certGen.setNotAfter( expiryDate );
certGen.setSubjectDN( subjectName );
certGen.setPublicKey( publicKey );
certGen.setSignatureAlgorithm( "SHA1With" + keyAlgo );
X509Certificate cert = certGen.generate( privateKey, "BC" );
// Write the modifications
ModifyRequest request = new ModifyRequestImpl();
request.setName( dn );
request.replace( PRIVATE_KEY_AT, privateKey.getEncoded() );