PartnerCertificates in PartnerProviderConfiguration can handle both expired and non-expired certificates

All versions support multiple partner certificates in support of the rollover of expired certificates.

What’s changed is the order in which we check for expired certificates.

The changes related to this post went into v4.6.0.

In v4.9.0 we changed the handling slightly to validate certificates before signature verification. This was done as a customer had two certificates with the same public key but one was expired and the other wasn’t.

This was an unusual scenario as normally certificates have different public keys.

You’ll find the release notes at:

https://www.componentspace.com/documentation/saml-for-asp-net-core/ComponentSpace%20SAML%20for%20ASP.NET%20Core%20Release%20Notes.pdf
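
The ordering issue described above, as an added example that is not part of the original post and is not ComponentSpace library code: it models two partner certificates that share one key pair, one expired and one current, and compares checking the validity period after versus before signature verification. All class, method and variable names are hypothetical, and the certificates and message bytes are constructed samples. With the expired certificate listed first, the verify-first order rejects the message and the validate-first order accepts it.

```csharp
// Added illustration; not ComponentSpace library code. All names are hypothetical.
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Text;

static class PartnerCertOrderDemo
{
    // X509Certificate2.NotBefore/NotAfter are local times, so 'now' must be local too.
    static bool InValidityPeriod(X509Certificate2 c, DateTime now) =>
        now >= c.NotBefore && now <= c.NotAfter;

    static bool SignatureMatches(X509Certificate2 c, byte[] data, byte[] sig)
    {
        using RSA pub = c.GetRSAPublicKey();
        return pub.VerifyData(data, sig, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
    }

    // Verify first: the first certificate whose key matches wins, then its dates are checked.
    static bool VerifyThenValidate(IEnumerable<X509Certificate2> certs, byte[] data, byte[] sig, DateTime now)
    {
        var match = certs.FirstOrDefault(c => SignatureMatches(c, data, sig));
        return match != null && InValidityPeriod(match, now);
    }

    // Validate first: expired certificates are dropped before any signature check.
    static bool ValidateThenVerify(IEnumerable<X509Certificate2> certs, byte[] data, byte[] sig, DateTime now) =>
        certs.Where(c => InValidityPeriod(c, now)).Any(c => SignatureMatches(c, data, sig));

    static void Main()
    {
        using RSA key = RSA.Create(2048);
        var req = new CertificateRequest("CN=constructed-partner", key, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
        DateTimeOffset now = DateTimeOffset.Now;
        // Constructed sample: same key pair, one expired certificate and one current one.
        using X509Certificate2 expired = req.CreateSelfSigned(now.AddYears(-2), now.AddYears(-1));
        using X509Certificate2 current = req.CreateSelfSigned(now.AddDays(-1), now.AddYears(1));
        var partnerCertificates = new[] { expired, current };

        byte[] data = Encoding.UTF8.GetBytes("constructed SAML message bytes");
        byte[] sig = key.SignData(data, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);

        Console.WriteLine($"verify then validate: {VerifyThenValidate(partnerCertificates, data, sig, DateTime.Now)}");
        Console.WriteLine($"validate then verify: {ValidateThenVerify(partnerCertificates, data, sig, DateTime.Now)}");
    }
}
```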