# How can I obtain (in Java) the CA/ issuer certificate when I only have the client certificate?

I need to validate, in Java, the signature and the certificate that was used to sign a document. I have the PDF document from which I can get the user's certificate. I've been using PDFBox and BouncyCastle so far and I need to make an OCSP request, calling: generateOCSPRequest(X509Certificate issuerCert, BigInteger serialNumber). Can anyone help me understand what I need to do to obtain the CA/ issuer certificate? Thank you.