[xmlsec] nss getKey
Aleksey Sanin
aleksey at aleksey.com
Mon Sep 19 20:55:37 PDT 2005
1) For signature you need to have private key associated with the cert.
Usually you simply load pkcs12 file into nss databases using pk12util
command line application:
$ pk12util -i key.p12 -d /path/to/database
2) xmlsec-nss uses the key's "nickname" to search for key in
nss database. This nickname is usually set in the pkcs12 file
when you create it:
$ openssl pkcs12 -export -in cert.pem -inkey key.pem \
-out key.p12 -name \"My Nick Name\"
(note that there is no password set for this pkcs12 file which might
be a bad idea).
Finally, take a look at the xmlsec\tests\keys\readme file for
the names I set for pkcs12 files distributed with xmlsec. I bet
that the one you need has nickname 'TestRsaKey' (w/o quotes).
Best,
Aleksey
Edward Shallow wrote:
> Yes I have verified it is there using Firefox. I have added several
> others with no luck.
>
> Ed
>
More information about the xmlsec
mailing list