> But in certificate chain, I only get 2 certificates information (I think this two > are return by website.) That's right. The server returns up to, but not including, the root. The client is supposed to have the root stored somewhere as an out-of-band trust anchor. This is the way TLS/SSL works.