The CertPathBuilder Class

The CertPathBuilder class is an engine class used to build a certification path.

Creating a CertPathBuilder Object

As with all engine classes, the way to get a CertPathBuilder object for a particular build algorithm is to call one of the getInstance static factory methods on the CertPathBuilder class:

public static CertPathBuilder getInstance(String algorithm)

public static CertPathBuilder getInstance(String algorithm,
                                          String provider)

public static CertPathBuilder getInstance(String algorithm,
                                     Provider provider)

The algorithm parameter is the name of a certification path builder algorithm (for example, "PKIX"). Standard CertPathBuilder algorithm names are listed in Appendix A.

Building a Certification Path

After a CertPathBuilder object is created, paths can be constructed by calling the build method, and passing to it an algorithm-specific parameter specification:

  public final CertPathBuilderResult build(CertPathParameters params)
         throws CertPathBuilderException,
                InvalidAlgorithmParameterException

If the build algorithm is successful, the result is returned in an object that implements the CertPathBuilderResult interface. Otherwise, a CertPathBuilderException is thrown containing information about the failure such as the underlying exception (if any) and an error message.

Note that the CertPathParameters that is passed to the build method must be of a type that is supported by the build algorithm. Otherwise, an InvalidAlgorithmParameterException is thrown.

The PKIXRevocationChecker class is a vehicle for passing additional parameters to the CertPathBuilder class. For more information, see The PKIXRevocationChecker Class.