On 3/20/14, 11:00 AM, "M. D." <mo...@abv.bg> wrote: > Okay, thanks a lot for your responses! (: > >So to sum things up: > >1] It is not a very common usecase to have multiple certificates embedded >in a document
I can't say how common it is. I think PKIX is a joke at this point, so I'm not the best one to ask. >2] This is the reason KeyInfo only has a method getX509Certificate() that >returns THE embedded certificate That's basically defining itself as returning the entity cert. That by definition is a single cert, not a chain. >3] In case multiple certificates are embedded I have to access the >X509DataS from the KeyInfo and then iterate through the X509Certificates. Yes. -- Scott
