[xmlsec] Verify signature after certificate expired
aleksey at aleksey.com
Wed Oct 9 08:04:44 PDT 2002
From the general security point of view the data are *not valid* if the
cert is expired.
If you really want to do this then you should take a look at the OpenSSL
verification function and remove date check. However, this is DANGEROUSE!
Roman Bouchner wrote:
>I would like to verify signed data however signer's certificate has
>already expired. I want only verify data integrity.
>If I use function xmlSecDSigValidate, it returns negative value, so I
>cannot determine if data was changed or not.
>If I change local date it does work, however it is not right way I
>How I can solve this problems?
>xmlsec mailing list
>xmlsec at aleksey.com
More information about the xmlsec