[Ejbca-develop] Getting CA certificates in PKCS#7

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Hello,

I would like to specify in the AIA (Authority Information Access) 
extension of an end entity certificate the URL of a PKCS#7 file 
containing CA certificates (issuer of the end entity and parent's 
certificates up to the root CA). It seems to be that EJBCA is able to 
get CA certificates in PEM but not in PKCS#7 "certs-only" which is 
required by the RFC 5280 (page 49):

    Where the information is available via HTTP or FTP, accessLocation
    MUST be a uniformResourceIdentifier and the URI MUST point to either
    a single DER encoded certificate as specified in [RFC2585] or a
    collection of certificates in a BER or DER encoded "certs-only" CMS
    message as specified in [RFC2797].

How can I get CA certificates in CMS/PKCS#7 "certs-only" from EJBCA ?

Regards,
Julien