Hello Esan.
Yes, both 001 and 002 are present in my chain (client_payment_service_provider_certificate_chain) in PEM format, separated by a newline.
$ openssl x509 -in MCRootCA.pem -text -noout | grep "Subject:|Issuer:"
Issuer: C = PT, O = MULTICERT - Servi\C3\A7os de Certifica\C3\A7\C3\A3o Electr\C3\B3nica S.A., CN = MULTICERT Root Certification Authority 01
Subject: C = PT, O = MULTICERT - Servi\C3\A7os de Certifica\C3\A7\C3\A3o Electr\C3\B3nica S.A., CN = MULTICERT Root Certification Authority 01
$ openssl x509 -in MC_TS_002_Prod.pem -text -noout | grep "Subject:|Issuer:"
Issuer: C = PT, O = MULTICERT - Servi\C3\A7os de Certifica\C3\A7\C3\A3o Electr\C3\B3nica S.A., CN = MULTICERT Root Certification Authority 01
Subject: C = PT, O = MULTICERT - Servi\C3\A7os de Certifica\C3\A7\C3\A3o Electr\C3\B3nica S.A., OU = Certification Authority, CN = MULTICERT Trust Services Certification Authority 002
And I send my QSeal certificate in client_payment_service_provider_certificate, which is issued by 002:
$ openssl x509 -in our_qsealc.pem -text -noout | grep "Issuer:"
Issuer: C = PT, O = MULTICERT - Servi\C3\A7os de Certifica\C3\A7\C3\A3o Electr\C3\B3nica S.A., OU = Certification Authority, CN = MULTICERT Trust Services Certification Authority 002
I have tried different combinations for the chain: with only 001, with only 002, with both 001 + 002, with 002 + qsealc etc.
If it helps, here is a sample request ID:
X-Bunq-Client-Request-Id: 05f63518cd3e4c1fbceb7e6d98020da4
Thanks,