The JDK X509Certificate implementation was designed to be able to parse certificates even if it doesn't support the public key algorithm. In these cases, it returns an implementation specific X509Key object which implements PublicKey. However, this design premise doesn't work if the key includes parameters which it doesn't support, instead it throws an exception. I don't think this was the intention of the design, and it should not try to decode the parameters, or at least not until they are needed by a later cryptographic operation.