[xmlsec] Adding certificates to keys manager

Aleksey Sanin aleksey at aleksey.com
Tue Feb 23 17:46:54 PST 2010 

Good that you figured it out!

xmlSecKeyDataTypeSession is a key type, not the certificate type. Not
sure how this applies to certificates.

And after you load certificate into keys manager it will stay there
forever.

Aleksey


On 2/23/2010 3:23 PM, Mark Young wrote:
> I'm using OpenSSL.  After working on this all day I finally figured out
> where I was going wrong, though. Since the certificates were base64, and
> DER can be base64, I thought I could just load the base64 into the keys
> manager. Apparently, though, I had to decode the base64 first and then
> supply the decoded string to the keys manager as a DER-format certificate.
>
> Sorry to have taken up your time - but hopefully other people will read
> this and learn from my mistake.
>
> I do have another question. How long will a certificate of type
> xmlSecKeyDataTypeSession be kept by the keys manager? How does it decide
> when a session has ended?
>
>  > Date: Tue, 23 Feb 2010 14:51:14 -0800
>  > From: aleksey at aleksey.com
>  > To: ccgenealogy at hotmail.com
>  > CC: xmlsec at aleksey.com
>  > Subject: Re: [xmlsec] Adding certificates to keys manager
>  >
>  > What error do you get? What crypto library do you use?
>  >
>  > Aleksey
>  >
>  > On 2/23/2010 2:01 PM, Mark Young wrote:
>  > > I have hard-coded a trusted root certificate and I can successfully add
>  > > it to my keys manager using xmlSecCryptoAppKeysMngrCertLoadMemory.
>  > >
>  > > I'm receiving a chain of untrusted X509 certificates in an XML message,
>  > > and I would like to add those certificates to the keys manager as well.
>  > > However, xmlSecCryptoAppKeysMngrCertLoadMemory doesn't seem to work in
>  > > this case. I'm still trying to pinpoint where it's failing - but should
>  > > I be using a different function altogether?
>  > >
>  > > The certificates are base64-encoded X509 certificates.
>  > >
>  > >
> ------------------------------------------------------------------------
>  > > Your E-mail and More On-the-Go. Get Windows Live Hotmail Free. Sign up
>  > > now. <http://clk.atdmt.com/GBL/go/201469229/direct/01/>
>  > >
>  > >
>  > >
>  > > _______________________________________________
>  > > xmlsec mailing list
>  > > xmlsec at aleksey.com
>  > > http://www.aleksey.com/mailman/listinfo/xmlsec
>
> ------------------------------------------------------------------------
> Your E-mail and More On-the-Go. Get Windows Live Hotmail Free. Sign up
> now. <http://clk.atdmt.com/GBL/go/201469229/direct/01/>
>
>
>
> _______________________________________________
> xmlsec mailing list
> xmlsec at aleksey.com
> http://www.aleksey.com/mailman/listinfo/xmlsec

More information about the xmlsec mailing list