Hi, I found a small problem when I have some x509v1 certificates in my keystore and want to use SubjectKeyIdentifier token reference to sign/encrypt.
The problem is that when wss4j looks in the keystore given a SKI to find the alias (public String getAliasForX509Cert(byte[] skiBytes) in Merlin.java), if there's a certificate with version <3, it throws a WSSecurityException. I don't know if it's the right behaviour, because it seems to stop any further processing, ignoring the other certificates. I think it should simply skip the wrong one and go on examining the others until it finds the right one. Bye, Davide Romanini
