Is it possible to use certificates from multiple IDP's to authenticate requests using SAML? Is there a 1:1 relationship between certificates and trusts? How would apigee determine the correct certificate for a given request?
Trust would be resolved from the token presented with a request. I could envision a scenario where multiple tokens could be presented and verified to provide layered or unioned trust from different providers - that would be entirely up to the API implementation team to realize.
Apigee imposes no relationship constraints - that is your responsibility/opportunity as the implementer.
Attempting to upload a second certificate to a truststore (actually a keystore with an alias) fails with a message saying it already exists. How would you ever get multiple certs into the store?