Providing an X509 Certificate Usage Key Created Using Java BouncyCastle

Here is my piece of code to generate an X509Certificate with the BouncyCastle API

 private static X509Certificate createCertificate(String dn, String issuer, PublicKey publicKey, PrivateKey privateKey) throws Exception { X509V3CertificateGenerator certGenerator = new X509V3CertificateGenerator(); certGenerator.setSerialNumber(BigInteger.valueOf(Math.abs(new Random() .nextLong()))); certGenerator.setIssuerDN(new X509Name(dn)); certGenerator.setSubjectDN(new X509Name(dn)); certGenerator.setIssuerDN(new X509Name(issuer)); // Set issuer! certGenerator.setNotBefore(Calendar.getInstance().getTime()); certGenerator.setNotAfter(Calendar.getInstance().getTime()); certGenerator.setPublicKey(publicKey); certGenerator.setSignatureAlgorithm("SHA1WithRSAEncryption"); **certGenerator..... ??? what for key usage ?** X509Certificate certificate = (X509Certificate) certGenerator.generate( privateKey, "BC"); return certificate; } 

The full code you can see here

My question is that it is not possible to establish the use of a key for the generated digital certificate.

I am trying to establish usage as Encryption. . Class X509V3CertificateGenerator does not have such a method / path.

How to do it.

Thanks for any tips.