Description
DefaultSubjectProvider retrieves X509 certificate to encrypt key information. It asks crypto provider for X509 certs using:
X509Certificate certificate = crypto.getX509Certificates(cryptoType)[0];
If certificates are not found it caused NLP or ArrayOutOfBound exceptions in STS code.
Proposal: check returned array for null and 0 length.