3.1.5.1.2.3 Processing Details

The server MUST perform the following steps after receiving GetMetaData request:

  • Get the PrimaryEncryptionCertificate from the registry. If the PrimaryEncryptionCertificate is not found in the registry, return the error string “Primary Encryption Certificate not found”.

  • Get the PrimarySigningCertificate from the registry. If the PrimarySigningCertificate is not found in the registry, return the error string “Primary Signing Certificate not found”.

  • If the request includes adding OtherSigningCertificates to the metadata, get the non-primary signing certificates from the registry,

  • Create signatures needed to generate the metadata document using the primary certificates retrieved above in an implementation-specific manner,

  • Generate the metadata document and return to the calling application.