Index: /opt/develop/jbossws-src/src/src/main/java/org/jboss/ws/extensions/security/Constants.java
===================================================================
--- /opt/develop/jbossws-src/src/src/main/java/org/jboss/ws/extensions/security/Constants.java	(revision 5800)
+++ /opt/develop/jbossws-src/src/src/main/java/org/jboss/ws/extensions/security/Constants.java	(working copy)
@@ -71,4 +71,6 @@
    public static final String XENC_CONTENT_TYPE = EncryptionConstants.TYPE_CONTENT;
    
    public static final QName WSSE_HEADER_QNAME = new QName(WSSE_NS, "Security");
+   
+   public static final String JBOSS_WSSE_X509_CERTIFICATES = JBOSS_WSSE_PREFIX + ".x509.certificates"; 
 }
Index: /opt/develop/jbossws-src/src/src/main/java/org/jboss/ws/extensions/security/KeyResolver.java
===================================================================
--- /opt/develop/jbossws-src/src/src/main/java/org/jboss/ws/extensions/security/KeyResolver.java	(revision 5800)
+++ /opt/develop/jbossws-src/src/src/main/java/org/jboss/ws/extensions/security/KeyResolver.java	(working copy)
@@ -25,9 +25,15 @@
 import java.security.PublicKey;
 import java.security.cert.X509Certificate;
 import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Set;
+
+import javax.xml.ws.handler.MessageContext.Scope;
 
 import org.apache.xml.security.keys.KeyInfo;
 import org.jboss.util.NotImplementedException;
+import org.jboss.ws.core.CommonMessageContext;
+import org.jboss.ws.core.soap.MessageContextAssociation;
 import org.jboss.ws.extensions.security.element.BinarySecurityToken;
 import org.jboss.ws.extensions.security.element.DirectReference;
 import org.jboss.ws.extensions.security.element.KeyIdentifier;
@@ -133,7 +139,9 @@
       if (! (token instanceof X509Token))
          throw new WSSecurityException("Expected X509Token, cache contained: " + token.getClass().getName());
 
-      return ((X509Token)token).getCert();
+      X509Certificate cert = ((X509Token)token).getCert();
+      addCertificate(cert);
+      return cert;
    }
 
    public PublicKey resolvePublicKey(SecurityTokenReference reference) throws WSSecurityException
@@ -165,4 +173,21 @@
    {
       return resolvePrivateKey(extractSecurityTokenReference(info));
    }
+
+   private void addCertificate(X509Certificate cert) {
+	   CommonMessageContext msgContext = MessageContextAssociation.peekMessageContext();
+	   Scope prevScope = msgContext.getCurrentScope();
+	   try {
+		   msgContext.setCurrentScope(Scope.APPLICATION);
+		   Set<X509Certificate> certs = (Set<X509Certificate>) msgContext.get(Constants.JBOSS_WSSE_X509_CERTIFICATES);
+		   if (certs == null) {
+			   certs = new HashSet<X509Certificate>();
+			   msgContext.put(Constants.JBOSS_WSSE_X509_CERTIFICATES, certs);
+		   }
+		   certs.add(cert);
+	   } finally {
+		   msgContext.setCurrentScope(prevScope);
+	   }
+	   
+   }
 }