[xmlsec] Verifying a signature against a PEM certificate

Asbjørn Oskal asbjorn.oskal at welldiagnostics.com
Mon Nov 25 04:18:39 PST 2002


It seems to me from the answers I have gotten that there are no easy ways to
verify XML-signatures against (the public key from) X509 PEM-certificate
The xmlSecSimpleKeysMngrLoadPemKey does not accept loading public keys from
such files.
It does only accept public key files starting with -----BEGIN PUBLIC
So, does any of you know a way of creating such public key files from X509

The question is really, how can one make sure the identity of the signer
without verifying the signature against a public key you know belongs to the
signer. Or is it possible to check who is the owner of the public key
contained in the KeyInfo?


More information about the xmlsec mailing list