if (this.trustManager != null)
{
try
{
// try using the truststore alias from the service provider metadata.
ServiceProviderType provider = this.spMetadata.get(serviceName);
if(provider != null && provider.getTruststoreAlias() != null)
{
key = this.trustManager.getPublicKey(provider.getTruststoreAlias());
}
// if there was no truststore alias or no PKC under that alias, use the KeyProvider mapping.
if(key == null)
{
key = this.trustManager.getValidatingKey(serviceName);