Creating an X509 Certificate in Java without BouncyCastle?

Question

Is it possible to sanely create an X509 Certificate in Java code without using the Bouncy Castle X509V*CertificateGenerator classes?

Answer 1

Depends on what exactly you want to do (and probably your definition of "Sanely"). As ZZ Coder pointed out, you can create a self-signed certificate directly by copying keytool. But I don't believe you can create a PKCS10 certificate request object with the standard JCE, which you probably need to do if you want to create standard CA-signed EECs.