[xmlsec] Verification and X509Certificate elements

Aleksey Sanin aleksey at aleksey.com
Wed Dec 11 08:24:32 PST 2002

You need to tell the xmlsec library which certs are "trusted". It's not 
to just place all the certs (including root CA cert) in the 
because certs not only give you a key but also establish a "trust".
Use "--trusted" option for xmlsec command line utility or 
function in your code.


Asbjørn Oskal wrote:

> Hi!
> I have added <X509Certificate> elements to a signature (both the 
> signers certificate and
> the corresponding CA certificate).
> Will these automatically be used in the verification process? I 
> thought they would, but verification failed so I just wanted to check.
> :)

More information about the xmlsec mailing list