Package com.unboundid.util.ssl.cert
Class BasicConstraintsExtension
- java.lang.Object
-
- com.unboundid.util.ssl.cert.X509CertificateExtension
-
- com.unboundid.util.ssl.cert.BasicConstraintsExtension
-
- All Implemented Interfaces:
java.io.Serializable
@NotMutable @ThreadSafety(level=COMPLETELY_THREADSAFE) public final class BasicConstraintsExtension extends X509CertificateExtension
This class provides an implementation of the basic constraints X.509 certificate extension as described in RFC 5280 section 4.2.1.9. This can be used to indicate whether a certificate is a certification authority (CA), and the maximum depth of certification paths that include this certificate.
The OID for this extension is 2.5.29.19 and the value has the following encoding:BasicConstraints ::= SEQUENCE { cA BOOLEAN DEFAULT FALSE, pathLenConstraint INTEGER (0..MAX) OPTIONAL }
- See Also:
- Serialized Form
-
-
Field Summary
Fields Modifier and Type Field Description static OID
BASIC_CONSTRAINTS_OID
The OID (2.5.29.19) for basic constraints extensions.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description java.lang.String
getExtensionName()
Retrieves the name for this extension.java.lang.Integer
getPathLengthConstraint()
Retrieves the path length constraint for the associated certificate, if defined.boolean
isCA()
Indicates whether the associated certificate is a certification authority (that is, can be used to sign other certificates).void
toString(java.lang.StringBuilder buffer)
Appends a string representation of this certificate extension to the provided buffer.-
Methods inherited from class com.unboundid.util.ssl.cert.X509CertificateExtension
getOID, getValue, isCritical, toString
-
-
-
-
Field Detail
-
BASIC_CONSTRAINTS_OID
public static final OID BASIC_CONSTRAINTS_OID
The OID (2.5.29.19) for basic constraints extensions.
-
-
Method Detail
-
isCA
public boolean isCA()
Indicates whether the associated certificate is a certification authority (that is, can be used to sign other certificates).- Returns:
true
if the associated certificate is a certification authority, orfalse
if not.
-
getPathLengthConstraint
public java.lang.Integer getPathLengthConstraint()
Retrieves the path length constraint for the associated certificate, if defined. IfisCA()
returnstrue
and this method returns a non-null
value, then any certificate chain that includes the associated certificate should not be trusted if the chain contains more than this number of certificates.- Returns:
- The path length constraint for the associated certificate, or
null
if no path length constraint is defined.
-
getExtensionName
public java.lang.String getExtensionName()
Retrieves the name for this extension.- Overrides:
getExtensionName
in classX509CertificateExtension
- Returns:
- The name for this extension.
-
toString
public void toString(java.lang.StringBuilder buffer)
Appends a string representation of this certificate extension to the provided buffer.- Overrides:
toString
in classX509CertificateExtension
- Parameters:
buffer
- The buffer to which the information should be appended.
-
-