[xmlsec] Re: X509 Data
Aleksey Sanin
aleksey at aleksey.com
Sat Apr 23 09:51:35 PDT 2005
You did not associate key with the certificate. Look at the
xmlsec command line options for correct syntax:
--privkey-pem[:<name>] <file>[,<cafile>[,<cafile>[...]]]
Aleksey
Highdone Trias wrote:
> Hi Aleksey,
>
> I am having a problem with the xmlsec command line tool when trying to sign
> a template.
>
> The <X509Data> elements are empty every time I sign the document. Here is
> my command line options:
>
> ./xmlsec1 --sign --crypto openssl --privkey-pem "server.key" --dtd-
> file "ref.dtd" --pubkey-cert-pem "server.crt" template.xml
>
> template.xml looks like this:
>
> <Signature xmlns="http://www.w3.org/2000/09/xmldsig#"
> xmlns:wsse="http://schemas
> .xmlsoap.org/ws/2002/07/secext">
> <SignedInfo>
> <CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
> <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
> <Reference URI="#Body">
> <Transforms>
> <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
> </Transforms>
> <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
> <DigestValue></DigestValue>
> </Reference>
> </SignedInfo>
> <SignatureValue></SignatureValue>
> <KeyInfo><X509Data>
> <X509Certificate/>
> <X509IssuerSerial>
> <X509IssuerName></X509IssuerName>
> <X509SerialNumber></X509SerialNumber>
> </X509IssuerSerial>
> </X509Data>
> </KeyInfo>
> </Signature>
>
>
> What am I doing wrong?
>
> Highdone Trias
> Advent Resources, Inc.
> www.adventresources.com
> 310.241.1500x2214
> From - Fri
More information about the xmlsec
mailing list