What certificates are needed in trusted certificates list?

[olavivaino]

Documentation #4. Add trusted certificate authority certificates (https://github.com/web-eid/web-eid-authtoken-validation-java#4-add-trusted-certificate-authority-certificates) mentions that "You must explicitly specify which intermediate certificate authorities (CAs) are trusted..". Assuming this is talking about certificates issued by SK (https://www.skidsolutions.eu) I went to look up their certificate list at https://www.skidsolutions.eu/resources/certificates/ for certificates marked as "intermediate" - but I found none. This raises question - exactly what certificates are needed in this trusted certificates list?
I guess that ones on the "Issuing-CAs" tab are needed. But can't be sure. And its difficult to find out for sure by testing.
Is it possible to add concrete list of required certificates to documentation?
Naturally this is going to change in the future but its not an impossible task to keep it updated.

[mrts]

Fair point, thank you for bringing this to our attention! Given that Web eID supports eID cards from multiple countries, including Estonia, Finland, Latvia, Lithuania, Belgium, and Croatia, the number of intermediate CAs is quite extensive. Therefore, it's not feasible to provide a comprehensive list of all required certificates in our documentation. We suggest referring to the national trust lists or eID schemes for authoritative information on the necessary certificates. However, we understand the challenge this presents so there is room for improvement in the documentation - @kristelmerilain, should we improve the documentation?

You mentioned SK ID Solutions - in case you are interested only in Estonian trusted certificate list, the concrete instructions and examples are available, please refer to the trusted certificates configuration section in the Web eID Spring Boot example documentation.