RFR: 8325766: Extend CertificateBuilder to create trust and end entity certificates programmatically [v7]

[Sean Mullan]

On Fri, 29 Aug 2025 15:16:04 GMT, Matthew Donovan <mdonovan at openjdk.org> wrote:

>> This PR updates the CertificateBuilder with a new method that creates a new instance with common fields (subject name, public key, serial number, validity, and key uses) filled-in. One test, IPIdentities.java, is updated to show how the method can be used to create various certificates. I attached screenshots that compare the old hard-coded certificates (left) with the new generated certificates.
>> 
>> ![trusted-cert](https://github.com/user-attachments/assets/4bfaca10-74f3-4d24-9796-288358ae00e1)
>> ![server-cert](https://github.com/user-attachments/assets/51ce8ed2-0784-44ab-96a1-9d0a2ea66aaa)
>> ![client-cert](https://github.com/user-attachments/assets/5090a71e-ef7a-4303-ae1a-78f89878d1c0)
>
> Matthew Donovan has updated the pull request with a new target base due to a merge or a rebase. The pull request now contains 16 commits:
> 
>  - Merge branch 'master' into certbuilder
>  - changed keystore to PKCS12 and remove key initialization
>  - added new method, setOneHourValidity(), and removed it from the static method.
>  - Merge branch 'master' into certbuilder
>  - fixed redundant setNotAfter() calls. One of them should have been setNotBefore
>  - Merge branch 'master' into certbuilder
>  - expanded wildcard imports
>  - Merge branch 'master' into certbuilder
>  - Merge branch 'master' into certbuilder
>  - reversed order of DN strings when making certificates.
>  - ... and 6 more: https://git.openjdk.org/jdk/compare/452b052f...98ae3e4b

Marked as reviewed by mullan (Reviewer).

-------------

PR Review: https://git.openjdk.org/jdk/pull/23700#pullrequestreview-3169128309