Full CA chain

[MarkoPomerants]

I know documentation says to pass in intermediate CAs. But Mobile-ID and Smart-ID libraries require full chain - so I can't reference the same CA directory.

The "getChain()" returns

1. current cert
2. intermediate certs...
3. root cert

Would be nice if this would return the second (intermediate) cert otherwise OCSP revocation check will fail.

web-eid-authtoken-validation-php/src/certificate/CertificateValidator.php

Lines 80 to 87 in bc90006

	if ($certificate->validateSignature()) {
	$chain = $certificate->getChain();
	$trustedCACert = end($chain);
	// Verify that the trusted CA cert is presently valid before returning the result.
	self::certificateIsValidOnDate($trustedCACert, $now, "Trusted CA");
	return $trustedCACert;
	}