use of sun.security.x509.BasicConstraintsExtension in project OpenAttestation by OpenAttestation.
the class X509Builder method keyUsageCertificateAuthority.
public X509Builder keyUsageCertificateAuthority() {
try {
v3();
// certificate authority basic constraint
// true indicates this is a CA; -1 means no restriction on path length; 0 or more to set a restriction on max number of certs under this one in the chain
BasicConstraintsExtension constraintsExtension = new BasicConstraintsExtension(true, -1);
// certificate signing extension
if (keyUsageExtension == null) {
keyUsageExtension = new KeyUsageExtension();
}
keyUsageExtension.set(KeyUsageExtension.KEY_CERTSIGN, true);
// add both
if (certificateExtensions == null) {
certificateExtensions = new CertificateExtensions();
}
certificateExtensions.set(keyUsageExtension.getExtensionId().toString(), keyUsageExtension);
certificateExtensions.set(constraintsExtension.getExtensionId().toString(), constraintsExtension);
info.set(X509CertInfo.EXTENSIONS, certificateExtensions);
} catch (Exception e) {
fault(e, "keyUsageCertificateAuthority");
}
return this;
}
Aggregations