[xmlsec] Verification and X509Certificate elements
aleksey at aleksey.com
Wed Dec 11 08:24:32 PST 2002
You need to tell the xmlsec library which certs are "trusted". It's not
to just place all the certs (including root CA cert) in the
because certs not only give you a key but also establish a "trust".
Use "--trusted" option for xmlsec command line utility or
function in your code.
Asbjørn Oskal wrote:
> I have added <X509Certificate> elements to a signature (both the
> signers certificate and
> the corresponding CA certificate).
> Will these automatically be used in the verification process? I
> thought they would, but verification failed so I just wanted to check.
More information about the xmlsec