The provider can also be configured as part of your environment via
static registration by adding an entry to the java.security properties
file (found in $JAVA_HOME/jre/lib/security/java.security, where
$JAVA_HOME is the location of your JDK/JRE distribution).
DESede - the default for this is to generate a key in
a-b-a format that's 24 bytes long but has 16 bytes of
key material (the first 8 bytes is repeated as the last
8 bytes).
The following extensions are listed in RFC 2459 as relevant to CRL Entries
ReasonCode
Hode Instruction Code
Invalidity Date
Certificate Issuer (critical)
The following extensions are listed in RFC 2459 as relevant to CRLs
Authority Key Identifier
Issuer Alternative Name
CRL Number
Delta CRL Indicator (critical)
Issuing Distribution Point (critical)