Any X.509 v3 Certificatemay be signed by CA which means that validating the signature requires access to the X.509 v3 Certificatebelonging to the signing CA. Whenever an application validates a signature it must recursively build a chain of Certificatesby finding the issuer Certificate, validating the Certificateand then repeat the process for the issuer Certificate. The chain ends with a self-signed Certificate.

The number of CAs used in a system should be small so it is common to install the necessary CAs on each machine with an OPC UA application. However, applications have the option of including a partial or complete chain whenever they pass a Certificateto a peer during the SecureChannelnegotiation and during the CreateSession/ActivateSessionhandshake. All OPC UA applications shall accept partial or complete chains in any field that contains a DER encoded Certificate.

Chains are stored in a ByteStringby simply appending the DER encoded form of the Certificates. The first Certificateshall be the end Certificatefollowed by its issuer. If the root CA is sent as part of the chain it is last Certificateappended to the ByteString.

Chains are parsed by extracting the length of each Certificate from the DER encoding. For Certificates with lengths less than 65 535 bytes it is a MSB encoded UInt16 starting at the 3rdbyte.