com.unboundid.util.ssl.cert (UnboundID LDAP SDK for Java 7.0.1)

Class Summary
Class	Description
AuthorityKeyIdentifierExtension	This class provides an implementation of the authority key identifier X.509 certificate extension as described in RFC 5280 section 4.2.1.1.
BasicConstraintsExtension	This class provides an implementation of the basic constraints X.509 certificate extension as described in RFC 5280 section 4.2.1.9.
CRLDistributionPoint	This class implements a data structure that provides information about a CRL distribution point for use in conjunction with the `CRLDistributionPointsExtension`.
CRLDistributionPointsExtension	This class provides an implementation of the CRL distribution points X.509 certificate extension as described in RFC 5280 section 4.2.1.13.
DecodedPrivateKey	This class defines the parent class for a decoded private key that may appear in a PKCS #8 private key object.
DecodedPublicKey	This class defines the parent class for a decoded public key that may appear in an X.509 certificate.
EllipticCurvePrivateKey	This class provides a data structure for representing the information contained in an elliptic curve private key.
EllipticCurvePublicKey	This class provides a data structure for representing the information contained in an elliptic curve public key in an X.509 certificate.
ExtendedKeyUsageExtension	This class provides an implementation of the extended key usage X.509 certificate extension as described in RFC 5280 section 4.2.1.12.
GeneralAlternativeNameExtension	This class provides support for decoding the values of the `SubjectAlternativeNameExtension` and `IssuerAlternativeNameExtension` extensions as described in RFC 5280 sections 4.2.1.6 and 4.2.1.7.
GeneralNames	This class provides a data structure that represents a `GeneralNames` element that may appear in a number of X.509 certificate extensions, including `SubjectAlternativeNameExtension`, `IssuerAlternativeNameExtension`, `AuthorityKeyIdentifierExtension`, and `CRLDistributionPointsExtension`.
IssuerAlternativeNameExtension	This class provides an implementation of the issuer alternative name X.509 certificate extension as described in RFC 5280 section 4.2.1.7.
KeyUsageExtension	This class provides an implementation of the key usage X.509 certificate extension as described in RFC 5280 section 4.2.1.3.
ManageCertificates	This class provides a tool that can be used to manage X.509 certificates for use in TLS communication.
PKCS10CertificateSigningRequest	This class provides support for decoding a PKCS #10 certificate signing request (aka certification request or CSR) as defined in RFC 2986.
PKCS8EncryptionHandler	This class provides a set of utility methods for interacting with encrypted PKCS #8 private keys.
PKCS8EncryptionProperties	This class defines a set of properties that may be used when encrypting a PKCS #8 private key.
PKCS8PEMFileReader	This class provides a mechanism for reading a PEM-encoded PKCS #8 private key from a specified file.
PKCS8PrivateKey	This class provides support for decoding an X.509 private key encoded in the PKCS #8 format as defined in RFC 5958.
RSAPrivateKey	This class provides a data structure for representing the information contained in an RSA private key.
RSAPublicKey	This class provides a data structure for representing the information contained in an RSA public key in an X.509 certificate.
SubjectAlternativeNameExtension	This class provides an implementation of the subject alternative name X.509 certificate extension as described in RFC 5280 section 4.2.1.6.
SubjectKeyIdentifierExtension	This class provides an implementation of the subject key identifier X.509 certificate extension as described in RFC 5280 section 4.2.1.2.
X509Certificate	This class provides support for decoding an X.509 certificate as defined in RFC 5280.
X509CertificateExtension	This class represents a data structure that holds information about an X.509 certificate extension.
X509PEMFileReader	This class provides a mechanism for reading PEM-encoded X.509 certificates from a specified file.

Enum Summary
Enum	Description
CRLDistributionPointRevocationReason	This enum defines a set of reasons for which a CRL distribution point may revoke a certificate.
ExtendedKeyUsageID	This enum defines a set of OIDs that are known to be used in the `ExtendedKeyUsageExtension`.
NamedCurve	This enum defines a set of OIDs that are known to be associated with elliptic curve keys.
PKCS10CertificateSigningRequestVersion	This enum defines a set of supported PKCS #10 certificate signing request versions.
PKCS5AlgorithmIdentifier	This enum defines a set of OIDs and algorithm names for password-based cryptography as described in the PKCS #5 specification defined in RFC 8018.
PKCS8PrivateKeyVersion	This enum defines a set of supported PKCS #8 private key versions.
PublicKeyAlgorithmIdentifier	This enum defines a set of public key algorithm names and OIDs.
RSAPrivateKeyVersion	This enum defines a set of supported RSA private key versions.
SignatureAlgorithmIdentifier	This enum defines a set of algorithm names and OIDs.
X509CertificateVersion	This enum defines a set of supported X.509 certificate versions.

Exception Summary
Exception Description

CertException
This class defines an exception that can be thrown if a problem is encountered while performing certificate processing.

Exception Summary
Exception	Description
CertException	This class defines an exception that can be thrown if a problem is encountered while performing certificate processing.

Package com.unboundid.util.ssl.cert Description

This package provides a number of classes that can be used to parse X.509 certificates, PKCS #8 private keys, PKCS #10 certificate signing requests, and other related entities.

This package also provides the ManageCertificates class, which implements a command-line tool for performing all kinds of It also provides a manage-certificates command-line tool that provides support for several certificate-related and key-related functions, including:

Listing the contents of a JKS or PKCS #12 keystore.
Exporting certificates and private keys from a JKS or PKCS #12 keystore to PEM or DER files.
Importing certificates and private keys from PEM or DER files into a JKS or PKCS #12 keystore.
Removing certificates and private keys from a JKS or PKCS #12 keystore.
Generating self-signed certificates in JKS or PKCS #12 keystore.
Generating certificate signing requests (CSRs) from a key in a JKS or PKCS #12 keystore (creating a new key if necessary).
Signing certificate signing requests using a certificate in a JKS or PKCS #12 keystore.
Changing the alias of a certificate or key in a JKS or PKCS #12 keystore.
Connecting to a server, initiating TLS negotiation, capturing the certificate chain presented during that negotiation process, and importing the chain into a JKS or PKCS #12 keystore so that it can be used as a trust store for TLS clients.
Validating the suitability of a specified certificate in a JKS or PKCS #12 keystore for use as a TLS sever certificate.
Decoding and printing a set of PEM-formatted or DER-formatted certificates contained in a specified file.
Decoding and printing a PEM-formatted or DER-formatted certificate signing request contained in a specified file.