Certificate/CRL Storage Classes
The Java™ Certification Path
API also includes the CertStore class for retrieving certificates
and CRLs from a repository. This capability is useful because it allows
a caller to specify the repository that a CertPathValidator
or CertPathBuilder
implementation
should use to find certificates and CRLs (see the addCertStores
method
of PKIXParameters
for
an example).
A CertPathValidator
implementation can use the CertStore
object
that the caller specifies as a callback mechanism to fetch CRLs for
performing revocation checks. Similarly, a CertPathBuilder can use
the CertStore as a callback mechanism to fetch certitificates and,
if performing revocation checks, CRLs.