[xmlsec] verify signature

Aleksey Sanin aleksey at aleksey.com
Tue May 21 14:36:27 PDT 2002

The problem you have is caused by missed "trusted" certificate.
When you are verifing certificate a "certificates chain" is created.
In this chain,  the next certificates verifies the previous one. And of 
you need to have a "root" certificate which you trust. For examples,
take a look at readPEMCertificate() funciton in app/xmlsec.c.
This function loads trusted or un-trusted certificate in the XMLSec keyring
using xmlSecSimpleKeysMngrLoadPemCert() function.


lidia castillejo marco wrote:

>I'm trying to verify the signatures using dsig3.c example . If the signature is generated from key (dsa, rsa) the verification is ok, but when i use a x509 certificate always verification failed. When I generate the signature I load private key using xmlSecSimpleKeysMngrLoadPemKey() and read the x509 certificate using xmlSecKeyReadPemCert().The generation result is ok. I'm using my own CA 
>xmlsec mailing list
>xmlsec at aleksey.com

More information about the xmlsec mailing list