The Java Certification Path defines a set of classes and interfaces to create, build and validate digital certification paths. A digital certificate is a data structure of the binding between a subject and a public key signed by a Certification Authority (CA). In practice, CA's may have their own certificates issued by a higher-level authority. To verify the binding, a valid chain of certificates must be found from end entity certificates up to a CA that is recognized and trusted. The process of validating certificate chains is an important part of PKI-enabled systems.
