/** * Finds a certificate whose public key is paired with the given private key. * * @param key Private key used to find matching public key. * @param candidates Collection of candidate certificates. * * @return Certificate whose public key forms a keypair with the private key or null if no match is found. * * @throws EncodingException on cert field extraction. */ public static X509Certificate findEntityCertificate( final PrivateKey key, final Collection<X509Certificate> candidates) throws EncodingException { for (X509Certificate candidate : candidates) { if (KeyPairUtil.isKeyPair(candidate.getPublicKey(), key)) { return candidate; } } return null; }