[xmlsec] Loading a DER-encoded certificate

Aleksey Sanin aleksey at aleksey.com
Mon Apr 7 08:27:41 PDT 2003

Using xmlSecKeyReadBinaryFile() function for reading certificates is 
probably a wrong way.
Please check xmlSecOpenSSLAppKeyPemCertLoad() and 
functions. In the last function you need to replace call to 
PEM_read_X509_AUX() with
a call to read der certificate from file. For example, you can use BIO 
call d2i_X509_bio()
(you need to create a read file BIO first).


Jesse Pelton wrote:

>I'm attempting to use xmlSecKeyReadBinaryFile() in XMLSec 0.1.1 to read a
>DER-encoded certificate file. As previously mentioned, it's necessary to
>modify the fopen() call to open the file in binary mode. Once I've done
>that, the file loads into memory successfully, and we call down to
>xmlSecOpenSSLKeyDataRawX509CertBinRead(). This sets up a key info context
>specifying a NULL keys manager, then calls
>xmlSecOpenSSLKeyDataX509VerifyAndExtractKey(), which promptly fails because
>of the absence of a keys manager.
>Is there some way to get xmlSecKeyReadBinaryFile() to load a certificate
>file successfully?  If not, is there an alternative?
>xmlsec mailing list
>xmlsec at aleksey.com

More information about the xmlsec mailing list