<p>The notevyou quoted applies mostly to using mscrypto. Using KeyName with OpenSSL should also work as long as keys are loaded into XMLsec KeysManager.</p>
<div class="gmail_quote">On Oct 24, 2011 6:53 AM, "Si St" <<a href="mailto:sigbj-st@operamail.com">sigbj-st@operamail.com</a>> wrote:<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div><div style="font-family:Arial;font-size:medium" dir="ltr"><div>
Excuse my interruption here,</div>
<div>
but where is xmlsec1 searching to find the key in reference to the <KeyName/>? Where should the key/cert be placed so that xmlsec1 can find it (f.ex. among other keys)? Any specific directory? Remenber that xmlsec1 is /usr/local/bin/xmlsec1 with me, and I wonder where the program will search. In my particular case we are dealing with --crypto openssl</div>
<div>
--</div>
<div>
Si St</div>
<div>
<a href="mailto:sigbj-st@operamail.com" target="_blank">sigbj-st@operamail.com</a></div>
<div>
</div>
<div>
<div>
<div>
On Wednesday, October 19, 2011 9:33 PM, "EdShallow" <<a href="mailto:ed.shallow@gmail.com" target="_blank">ed.shallow@gmail.com</a>> wrote:</div>
<blockquote type="cite">
OK, here is how it works with mscrypto and xmlsec 1.2.18<br>
<br>
<span style="font-size:11pt">Example 1:</span><br>
<span style="font-size:11pt"><KeyName></span><span style="font-size:11pt">CA, GC, PWGSC-TPSGC, "Ed Shallow"</span><span style="font-size:11pt"></KeyName></span><br>
<br>
<span style="font-size:11pt">Example 2 with a special character:</span><br>
<span style="font-size:11pt"><KeyName>CA, GC, PWGSC-TPSGC, "Shallow, Ed"</span><span style="font-size:11pt"></KeyName></span><br>
<br>
In other words, do not use the sub-type qualifiers in the DN string i.e. cn= ou= o= c=<br>
<br>
Order is also important.<br>
<br>
Cheers,<br>
Ed<br>
<br>
<div>
On Wed, Oct 19, 2011 at 7:38 PM, EdShallow <span dir="ltr"><<a href="mailto:ed.shallow@gmail.com" target="_blank">ed.shallow@gmail.com</a>></span> wrote:<br>
<blockquote style="border-left:1px solid rgb(204, 204, 204);margin:0pt 0pt 0pt 0.8ex;padding-left:1ex">
<p>
OK. Give me a day or so and I will check the source to see if anything has changed in the CAPI calls.</p>
<div>
<div>
</div>
<div>
<div>
On Oct 19, 2011 7:29 PM, "Aleksey Sanin" <<a href="mailto:aleksey@aleksey.com" target="_blank">aleksey@aleksey.com</a>> wrote:<br>
<blockquote style="border-left:1px solid rgb(204, 204, 204);margin:0pt 0pt 0pt 0.8ex;padding-left:1ex">
Not that I am aware of.<br>
<br>
Aleksey<br>
<br>
On 10/19/11 2:02 PM, EdShallow wrote:<br>
<blockquote style="border-left:1px solid rgb(204, 204, 204);margin:0pt 0pt 0pt 0.8ex;padding-left:1ex">
. . . sorry forgot to mention, this behavior is with mscrypto<br>
Ed<br>
<br>
---------- Forwarded message ----------<br>
From: "EdShallow" <<a href="mailto:ed.shallow@gmail.com" target="_blank">ed.shallow@gmail.com</a> <mailto:<a href="mailto:ed.shallow@gmail.com" target="_blank">ed.shallow@gmail.com</a>>><br>
Date: Oct 19, 2011 3:55 PM<br>
Subject: Use of full DistinguishedName in KeyName<br>
To: "<a href="mailto:xmlsec@aleksey.com" target="_blank">xmlsec@aleksey.com</a> <mailto:<a href="mailto:xmlsec@aleksey.com" target="_blank">xmlsec@aleksey.com</a>>" <<a href="mailto:xmlsec@aleksey.com" target="_blank">xmlsec@aleksey.com</a><br>
<mailto:<a href="mailto:xmlsec@aleksey.com" target="_blank">xmlsec@aleksey.com</a>>><br>
<br>
Hi Aleksey,<br>
<br>
Use of full DN in KeyName template element used to work in oldwr<br>
versions of xmlsec.<br>
<br>
As of 1.2.18 I can only get CommonName to work.<br>
<br>
Example:<br>
This works<br>
<KeyName>Shallow Ed</KeyName><br>
<br>
This does not:<br>
<KeyName>cn=Shallow Ed,ou=finance,o=acme,c=ca</KeyName><br>
<br>
I receive an "Object or property cannot be found" message.<br>
<br>
Are there any constraints for naming?<br>
<br>
Ed<br>
<br>
<br>
<br>
_______________________________________________<br>
xmlsec mailing list<br>
<a href="mailto:xmlsec@aleksey.com" target="_blank">xmlsec@aleksey.com</a><br>
<a href="http://www.aleksey.com/mailman/listinfo/xmlsec" target="_blank">http://www.aleksey.com/mailman/listinfo/xmlsec</a></blockquote>
</blockquote>
</div>
</div>
</div>
</blockquote>
</div>
<br>
<br clear="all">
<br>
--<br>
Ed's Contact Information:<br>
Mobile Phone: <a href="tel:613-852-6410" value="+16138526410" target="_blank">613-852-6410</a><br>
Gmail: <a href="mailto:ed.shallow@gmail.com" target="_blank">ed.shallow@gmail.com</a><br>
VOIP Address: <a href="mailto:107529@sip.ca1.voip.ms" target="_blank">107529@sip.ca1.voip.ms</a><br>
VOIP DID#: <a href="tel:613-458-5004" value="+16134585004" target="_blank">613-458-5004</a><br>
Skype ID: edward.shallow<br>
Home Phone: <a href="tel:613-482-2090" value="+16134822090" target="_blank">613-482-2090</a><br>
<br>
<pre>
_______________________________________________
xmlsec mailing list
<a href="mailto:xmlsec@aleksey.com" target="_blank">xmlsec@aleksey.com</a>
<a href="http://www.aleksey.com/mailman/listinfo/xmlsec" target="_blank">http://www.aleksey.com/mailman/listinfo/xmlsec</a>
</pre>
</blockquote>
</div>
</div>
<div>
</div>
</div><pre>
--
<a href="http://www.fastmail.fm" target="_blank">http://www.fastmail.fm</a> - Email service worth paying for. Try it for free
</pre>
</div><br>_______________________________________________<br>
xmlsec mailing list<br>
<a href="mailto:xmlsec@aleksey.com">xmlsec@aleksey.com</a><br>
<a href="http://www.aleksey.com/mailman/listinfo/xmlsec" target="_blank">http://www.aleksey.com/mailman/listinfo/xmlsec</a><br>
<br></blockquote></div>