[xmlsec] verify signature

Aleksey Sanin aleksey@aleksey.com
Tue, 21 May 2002 14:36:27 -0700


The problem you have is caused by missed "trusted" certificate.
When you are verifing certificate a "certificates chain" is created.
In this chain,  the next certificates verifies the previous one. And of 
course,
you need to have a "root" certificate which you trust. For examples,
take a look at readPEMCertificate() funciton in app/xmlsec.c.
This function loads trusted or un-trusted certificate in the XMLSec keyring
using xmlSecSimpleKeysMngrLoadPemCert() function.


Aleksey.



lidia castillejo marco wrote:

>Hi, 
>I'm trying to verify the signatures using dsig3.c example . If the signature is generated from key (dsa, rsa) the verification is ok, but when i use a x509 certificate always verification failed. When I generate the signature I load private key using xmlSecSimpleKeysMngrLoadPemKey() and read the x509 certificate using xmlSecKeyReadPemCert().The generation result is ok. I'm using my own CA 
>
>Regards, 
>lidia 
>
>_______________________________________________
>xmlsec mailing list
>xmlsec@aleksey.com
>http://www.aleksey.com/mailman/listinfo/xmlsec
>