[xmlsec] Verify signature after certificate expired
Aleksey Sanin
aleksey at aleksey.com
Wed Oct 9 08:04:44 PDT 2002
From the general security point of view the data are *not valid* if the
cert is expired.
If you really want to do this then you should take a look at the OpenSSL
cert
verification function and remove date check. However, this is DANGEROUSE!
Aleksey.
Roman Bouchner wrote:
>Hello
>I would like to verify signed data however signer's certificate has
>already expired. I want only verify data integrity.
>If I use function xmlSecDSigValidate, it returns negative value, so I
>cannot determine if data was changed or not.
>If I change local date it does work, however it is not right way I
>think..
>How I can solve this problems?
>Thanks:)
>Roman Bouchner
>
>
>_______________________________________________
>xmlsec mailing list
>xmlsec at aleksey.com
>http://www.aleksey.com/mailman/listinfo/xmlsec
>
>
More information about the xmlsec
mailing list