Certificate validation should target the end-entity certificate, not the CA

Description

When validating a certificate, Java expects to be told what certificate (from a collection) is the target to be validated.

Spark's code points at the CA certificate (the Trust Anchor) instead of the end-entity / leaf certificate. This should be the other way around (the Trust Anchor, as a trusted entity, can be expected to be ... trusted).

Environment

None
Fixed

Priority

Major

Assignee

Guus der Kinderen

Reporter

Guus der Kinderen