Java CertificateFactory

Jakob Jenkov
Last update: 2018-02-14

The Java CertificateFactory class ( is capable of creating Java Certificate instances from binary certificate encodings like X.509 (ASN.1 DER). To read more about the Java Certificate class, see the Java Certificate tutorial.

The Java CertificateFactory can also create CertPath instances. A CertPath is a chain of certificates where each certificate in the chain is signed by the next certificate in the chain. See the Java CertPath tutorial for more information about the CertPath class.

Creating a CertificateFactory Instance

Before you can create Certificate instances you must create a Java CertificateFactory instance. Here is an example of creating a CertificateFactory:

 CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");

This example creates a CertificateFactory instance capable of creating X.509 certificate instances (X509Certificate - a subclass of Certificate).

Creating a Certificate Instance

Once you have created a CertificateFactory instance you can start creating Certificate instances. You do so via the generateCertificate() method. Here is a generateCertificate() example:

InputStream certificateInputStream = new FileInputStream("my-x509-certificate.crt");

Certificate certificate = certificateFactory.generateCertificate(certificateInputStream);

Creating a CertPath Instance

The Java CertificateFactory can also create a CertPath instance. You create a CertPath instance by calling the CertificateFactory generateCertPath() method. Here is a generateCertPath() example:

InputStream certificateInputStream = new FileInputStream("my-x509-certificate-chain.crt");

CertPath certPath = certificateFactory.generateCertPath(certificateInputStream);

Jakob Jenkov

Featured Videos

Core Software Performance Optimization Principles


Java Persistence
Close TOC

All Trails

Trail TOC

Page TOC