Whilst the standard Java APIs support the creation of public and private keys these APIs do not have a mechanism for creating a signed certificate.

The latest RFC describing the format of these certificates is here: -
https://datatracker.ietf.org/doc/rfc5280/

Essentially this is about DER encoding of a number of fields combined with signing.

The alternative could to being in something like bouncy castle.