wolfSSL · rlm2002 · Jul 31, 2025 · Jul 30, 2025
diff --git a/native/com_wolfssl_WolfSSLX509StoreCtx.c b/native/com_wolfssl_WolfSSLX509StoreCtx.c
@@ -93,7 +93,11 @@ JNIEXPORT jobjectArray JNICALL Java_com_wolfssl_WolfSSLX509StoreCtx_X509_1STORE_
             }
             XMEMCPY(buf, der, derSz);
             (*jenv)->ReleaseByteArrayElements(jenv, derArr, buf, 0);
-            (*jenv)->SetObjectArrayElement(jenv, certArr, i, derArr);
+            /* Reverse order, so peer cert is first in returned array,
+             * followed by intermediates, lastly by root. Native
+             * wolfSSL_X509_STORE_GetCerts() returns certs in order of
+             * root to peer, but Java/JSSE expects peer to root */
+            (*jenv)->SetObjectArrayElement(jenv, certArr, skNum-1-i, derArr);
             (*jenv)->DeleteLocalRef(jenv, derArr);
         }
     }

diff --git a/src/java/com/wolfssl/WolfSSLX509StoreCtx.java b/src/java/com/wolfssl/WolfSSLX509StoreCtx.java
@@ -79,6 +79,9 @@ private synchronized void confirmObjectIsActive()
      * Get certificates in WOLFSSL_X509_STORE_CTX as an array of
      * WolfSSLCertificate objects.
      *
+     * The certificate chain is returned in order of peer to root, with peer
+     * first, then any intermediates, then root last (if present).
+     *
      * @return array of certificates
      * @throws WolfSSLException on error
      * @throws IllegalStateException if object has been freed

diff --git a/src/java/com/wolfssl/provider/jsse/WolfSSLInternalVerifyCb.java b/src/java/com/wolfssl/provider/jsse/WolfSSLInternalVerifyCb.java
@@ -274,7 +274,8 @@ public int verifyCallback(int preverify_ok, long x509StorePtr) {
         }
 
         try {
-            /* get WolfSSLCertificate[] from x509StorePtr */
+            /* Get WolfSSLCertificate[] from x509StorePtr, certs from
+             * store.getCerts() should be listed in order of peer to root */
             WolfSSLX509StoreCtx store =
                 new WolfSSLX509StoreCtx(x509StorePtr);
             certs = store.getCerts();