public abstract class CertStoreSpi extends Object
CertStore class. All CertStore
 implementations must include a class (the SPI class) that extends
 this class (CertStoreSpi), provides a constructor with
 a single argument of type CertStoreParameters, and implements
 all of its methods. In general, instances of this class should only be
 accessed through the CertStore class.
 For details, see the Java Cryptography Architecture.
 Concurrent Access
 The public methods of all CertStoreSpi objects must be
 thread-safe. That is, multiple threads may concurrently invoke these
 methods on a single CertStoreSpi object (or more than one)
 with no ill effects. This allows a CertPathBuilder to search
 for a CRL while simultaneously searching for further certificates, for
 instance.
 
 Simple CertStoreSpi implementations will probably ensure
 thread safety by adding a synchronized keyword to their
 engineGetCertificates and engineGetCRLs methods.
 More sophisticated ones may allow truly concurrent access.
| Constructor and Description | 
|---|
| CertStoreSpi(CertStoreParameters params)The sole constructor. | 
| Modifier and Type | Method and Description | 
|---|---|
| abstract Collection<? extends Certificate> | engineGetCertificates(CertSelector selector)Returns a  CollectionofCertificates that
 match the specified selector. | 
| abstract Collection<? extends CRL> | engineGetCRLs(CRLSelector selector)Returns a  CollectionofCRLs that
 match the specified selector. | 
public CertStoreSpi(CertStoreParameters params) throws InvalidAlgorithmParameterException
params - the initialization parameters (may be null)InvalidAlgorithmParameterException - if the initialization
 parameters are inappropriate for this CertStoreSpipublic abstract Collection<? extends Certificate> engineGetCertificates(CertSelector selector) throws CertStoreException
Collection of Certificates that
 match the specified selector. If no Certificates
 match the selector, an empty Collection will be returned.
 
 For some CertStore types, the resulting
 Collection may not contain all of the
 Certificates that match the selector. For instance,
 an LDAP CertStore may not search all entries in the
 directory. Instead, it may just search entries that are likely to
 contain the Certificates it is looking for.
 
 Some CertStore implementations (especially LDAP
 CertStores) may throw a CertStoreException
 unless a non-null CertSelector is provided that includes
 specific criteria that can be used to find the certificates. Issuer
 and/or subject names are especially useful criteria.
selector - A CertSelector used to select which
  Certificates should be returned. Specify null
  to return all Certificates (if supported).Collection of Certificates that
         match the specified selector (never null)CertStoreException - if an exception occurspublic abstract Collection<? extends CRL> engineGetCRLs(CRLSelector selector) throws CertStoreException
Collection of CRLs that
 match the specified selector. If no CRLs
 match the selector, an empty Collection will be returned.
 
 For some CertStore types, the resulting
 Collection may not contain all of the
 CRLs that match the selector. For instance,
 an LDAP CertStore may not search all entries in the
 directory. Instead, it may just search entries that are likely to
 contain the CRLs it is looking for.
 
 Some CertStore implementations (especially LDAP
 CertStores) may throw a CertStoreException
 unless a non-null CRLSelector is provided that includes
 specific criteria that can be used to find the CRLs. Issuer names
 and/or the certificate to be checked are especially useful.
selector - A CRLSelector used to select which
  CRLs should be returned. Specify null
  to return all CRLs (if supported).Collection of CRLs that
         match the specified selector (never null)CertStoreException - if an exception occurs Submit a bug or feature 
For further API reference and developer documentation, see Java SE Documentation. That documentation contains more detailed, developer-targeted descriptions, with conceptual overviews, definitions of terms, workarounds, and working code examples.
 Copyright © 1993, 2025, Oracle and/or its affiliates.  All rights reserved. Use is subject to license terms. Also see the documentation redistribution policy.