Novell is now a part of Micro Focus

Novell Certificate Server Classes for Java

Certificate Server for Java* enables you to access the Certificate Server API directly from your Java programs. This API provides a JNI interface to the native Certificate Server API, which is supported on all eDirectory platforms.


Your use of these files is subject to the Novell Developer License Agreement unless different license terms accompany the file itself, in which case those terms govern.





Download Archive


What's New

October 17, 2007


  • Updated source code to the 3.3.0 version. New features include:
  • Support for the SHA-2 signing algorithm.
  • Support for forcing the acquisition of a new CRL rather than using a cached CRL during certificate chain validation.
  • Support for User and Server Self-Provisioning via new SecurityRightsLevel APIs.
  • The capability to require Write rights to operate the CA via new SecurityRightsLevel APIs.
  • The capability to allow any authenticated user to cause the CA to issue an emergency CRL via new SecurityRightsLevel APIs.
  • Support for the PKCS#8 Private Key type in the NPKIT PEM types.
  • Changes to support 64 bit versions.
  • A flag for NPKIGetServerInfo that is used to remotely start the Server Health Check.
  • A flag for NPKICreateDefaultCertificates, which will cause the default certificates to be re-created if the CA has changed.
  • Changed NPKICreateDefaultCertificates to automatically add subject alternative names when creating the default certificates.
  • APIs to configure the new KMO Export functionality which can export a KMO's certificates and private-key to the file system in a format consistent with Apache or OpenSSL Servers. (This functionality is not needed or available on NetWare.)
  • Various bug fixes.


  • Added Javadoc links to the new classes added with the 3.3.0 release: NPKI_AccessDescription, NPKI_ExtAIValues, and NPKITcsr.


  • No changes.


Novell Certificate Server Classes for Java

Novell Certificate Server Classes for Java require:
  • The JNI interface for both PKIAPI and NPKIT, which is contained in npki.jar.
  • The latest JVM.
  • The same dependencies as Novell eDirectory.
  • PKI code (3.3x) will run on eDirectory, but the following new features are supported only in eDirectory 8.8.x and above:
    • Certificate Server creation of CRL distribution points.
    • Functionality that creates and uses PKI Container object(s).
    • Functionality that creates and uses CRL Configuration object(s).
    • Functionality that creates and uses CRL Distribution Point object(s).
    • Issuing CRLs.
    • Revocation of certificates.
    • Support for Subordinate CAs; that is, having the Organizational CA be subordinate to either a third-party CA or another eDirectory tree.
    • Support for 4096 bit key size; that is, support for key sizes greater than 2048 bits.

    Note: Although the new features listed above might work on eDirectory 8.7x, they have only been tested and are officially supported on eDirectory 8.8x and above.


This component is peer supported by the Novell developer community. News

novell.devsup.ncsjava (read-only) News

© Copyright Micro Focus or one of its affiliates