[xmlsec] verify signature
aleksey at aleksey.com
Tue May 21 14:36:27 PDT 2002
The problem you have is caused by missed "trusted" certificate.
When you are verifing certificate a "certificates chain" is created.
In this chain, the next certificates verifies the previous one. And of
you need to have a "root" certificate which you trust. For examples,
take a look at readPEMCertificate() funciton in app/xmlsec.c.
This function loads trusted or un-trusted certificate in the XMLSec keyring
using xmlSecSimpleKeysMngrLoadPemCert() function.
lidia castillejo marco wrote:
>I'm trying to verify the signatures using dsig3.c example . If the signature is generated from key (dsa, rsa) the verification is ok, but when i use a x509 certificate always verification failed. When I generate the signature I load private key using xmlSecSimpleKeysMngrLoadPemKey() and read the x509 certificate using xmlSecKeyReadPemCert().The generation result is ok. I'm using my own CA
>xmlsec mailing list
>xmlsec at aleksey.com
More information about the xmlsec