A CertStore object is a repository for Certificate and CRL objects. You may query a CertStore for a java.util.Collection of Certificate or CRL objects that match specified criteria by passing a CertSelector or CRLSelector to getCertificates( ) or getCRLs( ) . A CertStore is conceptually similar to a java.security.KeyStore , but there are significant differences in how the two classes are intended to be used. A KeyStore is designed to store a relatively small local collection of private keys and trusted certificates. A CertStore , however, may represent a large public database (in the form of an LDAP server, for examle) of untrusted certificates. Obtain a CertStore object by calling a getInstance( ) method and specifying the name of the desired CertStore type and a CertStoreParameters object that is specific to that type. Optionally, you may also specify the desired provider of your CertStore object. The default "SUN" provider defines two CertStore types, named "LDAP" and "Collection", which you should use with LDAPCertStoreParameters and CollectionCertStoreParameters objects, respectively. The "LDAP" type obtains certificates and CRLs from a network LDAP server, and the "Collection" type obtains them from a a specified Collection object. The CertStore class may be directly useful to applications that want to query a LDAP server for certificates. It is also used by PKIXParameters.addCertStore( ) and PKIXParameters.setCertStores( ) to specify a source of certificates to by used by the CertPathBuilder and CertPathValidator classes. All public methods of CertStore are threadsafe. public class CertStore { // Protected Constructors protected CertStore (CertStoreSpi storeSpi , java.security.Provider provider , String type , CertStoreParameters params ); // Public Class Methods public static final String getDefaultType ( ); public static CertStore getInstance (String type , CertStoreParameters params ) throws java.security.InvalidAlgorithmParameterException, java.security.NoSuchAlgorithmException; public static CertStore getInstance (String type , CertStoreParameters params , String provider ) throws java.security.InvalidAlgorithmParameterException, java.security.NoSuchAlgorithmException, java.security.NoSuchProviderException; public static CertStore getInstance (String type , CertStoreParameters params , java.security.Provider provider ) throws java.security.NoSuchAlgorithmException, java.security.InvalidAlgorithmParameterException; // Public Instance Methods public final java.util.Collection<? extends java.security.cert.Certificate> getCertificates (CertSelector selector ) throws CertStoreException; public final CertStoreParameters getCertStoreParameters ( ); public final java.util.Collection<? extends CRL> getCRLs (CRLSelector selector ) throws CertStoreException; public final java.security.Provider getProvider ( ); public final String getType ( ); } Passed ToPKIXParameters.addCertStore( ) |