/** * Returns the certificate associated with the given alias. * * <p>If the given alias name identifies a <i>trusted certificate entry</i>, the certificate * associated with that entry is returned. If the given alias name identifies a <i>key entry</i>, * the first element of the certificate chain of that entry is returned, or null if that entry * does not have a certificate chain. * * @param alias the alias name * @return the certificate, or null if the given alias does not exist or does not contain a * certificate. */ public Certificate engineGetCertificate(String alias) { AbstractMap.SimpleEntry<String, Collection<KeyStore>> pair = getKeystoresForReading(alias); Certificate cert = null; try { String entryAlias = pair.getKey(); for (KeyStore keystore : pair.getValue()) { cert = keystore.getCertificate(entryAlias); if (cert != null) { break; } } } catch (KeyStoreException e) { throw new IllegalStateException(e); } return cert; }