Keytool includes functions that are not available through public APIs, but these tools were designed to be run by a human being and it's difficult to running them in an application. The enhancement intends to create new APIs that cover these functions, including
- -genkeypair, -gencert, and -certreq of keytool
A new interface Certificate.Builder will be added to build certificates and certificate requests. CertificateFactory will support creating a builder.