public interface PolicyNode
One of the outputs of the PKIX certification path validation algorithm is a valid policy tree, which includes the policies that were determined to be valid, how this determination was reached, and any policy qualifiers encountered. This tree is of depth n, where n is the length of the certification path that has been validated.
Most applications will not need to examine the valid policy tree.
 They can achieve their policy processing goals by setting the
 policy-related parameters in PKIXParameters. However,
 the valid policy tree is available for more sophisticated applications,
 especially those that process policy qualifiers.
 
PKIXCertPathValidatorResult.getPolicyTree returns the root node of the
 valid policy tree. The tree can be traversed using the
 getChildren and getParent methods.
 Data about a particular node can be retrieved using other methods of
 PolicyNode.
 
Concurrent Access
All PolicyNode objects must be immutable and
 thread-safe. Multiple threads may concurrently invoke the methods defined
 in this class on a single PolicyNode object (or more than one)
 with no ill effects. This stipulation applies to all public fields and
 methods of this class and any added or overridden by subclasses.
| Modifier and Type | Method and Description | 
|---|---|
| Iterator<? extends PolicyNode> | getChildren()Returns an iterator over the children of this node. | 
| int | getDepth()Returns the depth of this node in the valid policy tree. | 
| Set<String> | getExpectedPolicies()Returns the set of expected policies that would satisfy this
 node's valid policy in the next certificate to be processed. | 
| PolicyNode | getParent()Returns the parent of this node, or  nullif this is the
 root node. | 
| Set<? extends PolicyQualifierInfo> | getPolicyQualifiers()Returns the set of policy qualifiers associated with the
 valid policy represented by this node. | 
| String | getValidPolicy()Returns the valid policy represented by this node. | 
| boolean | isCritical()Returns the criticality indicator of the certificate policy extension
 in the most recently processed certificate. | 
PolicyNode getParent()
null if this is the
 root node.null if this is the
 root nodeIterator<? extends PolicyNode> getChildren()
Iterator's remove method must throw an
 UnsupportedOperationException.int getDepth()
String getValidPolicy()
String OID of the valid policy
 represented by this node. For the root node, this method always returns
 the special anyPolicy OID: "2.5.29.32.0".Set<? extends PolicyQualifierInfo> getPolicyQualifiers()
Set of
 PolicyQualifierInfos. For the root node, this
 is always an empty Set.Set<String> getExpectedPolicies()
Set of expected policy
 String OIDs. For the root node, this method
 always returns a Set with one element, the
 special anyPolicy OID: "2.5.29.32.0".boolean isCritical()
true if extension marked critical,
 false otherwise. For the root node, false
 is always returned. Submit a bug or feature 
For further API reference and developer documentation, see Java SE Documentation. That documentation contains more detailed, developer-targeted descriptions, with conceptual overviews, definitions of terms, workarounds, and working code examples.
 Copyright © 1993, 2025, Oracle and/or its affiliates.  All rights reserved. Use is subject to license terms. Also see the documentation redistribution policy.