[xmlsec] Adding X509 Certificate
Daniel Johansson
daniel at metodika.se
Fri Mar 3 05:14:04 PST 2006
Hi,
I have trouble with inserting a certificate into a <X509Certificate> element
in the <X509Data> element below.
At the command line I write:
xmlsec.exe --sign --output /outfile.txt --privkey-pem /certificate.pem
/template.txt
The signing works fine and I get no errors. But the <X509Data> element is
blank. If I add an empty <X509Certificate> element it is removed.
What am I doing wrong?
/Daniel
XML template:
<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<soap:Header>
<wsrp:path soap:actor="http://schemas.xmlsoap.org/soap/actor/next"
soap:mustUnderstand="1" xmlns:wsrp="http://schemas.xmlsoap.org/rp">
<wsrp:action
xmlns:wsu="http://schemas.xmlsoap.org/ws/2002/07/utility">https://ei.sst.dk/
SendPackets</wsrp:action>
<wsrp:to wsu:Id="Id-c5e4d24e-2532-4820-b238-9334f791506f"
xmlns:wsu="http://schemas.xmlsoap.org/ws/2002/07/utility">https://ei.sst.dk/
test-ei/Frontend.asmx</wsrp:to>
<wsrp:id wsu:Id="Id-cb2af9ee-2477-489c-ad0b-df86e06bb4b8"
xmlns:wsu="http://schemas.xmlsoap.org/ws/2002/07/utility">uuid:12345678-1234
-1234-b49344da724ad5d4</wsrp:id>
</wsrp:path>
<wsu:Timestamp
xmlns:wsu="http://schemas.xmlsoap.org/ws/2002/07/utility">
<wsu:Created
wsu:Id="Id-87e6da6d-6ee1-4d0a-9da2-d27e1bd321a9"></wsu:Created>
</wsu:Timestamp>
<wsse:Security soap:mustUnderstand="1"
xmlns:wsse="http://schemas.xmlsoap.org/ws/2002/07/secext">
<wsse:BinarySecurityToken ValueType="wsse:X509v3"
EncodingType="wsse:Base64Binary"
xmlns:wsu="http://schemas.xmlsoap.org/ws/2002/07/utility"
wsu:Id="SecurityToken-12345678-1234-1234-1234-123456789012"></wsse:BinarySec
urityToken>
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
<CanonicalizationMethod
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<SignatureMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<Reference URI="#xpointer(/1/2)">
<Transforms>
<Transform
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</Transforms>
<DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<DigestValue></DigestValue>
</Reference>
<Reference URI="#xpointer(/1/1/1/1)">
<Transforms>
<Transform
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</Transforms>
<DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<DigestValue></DigestValue>
</Reference>
<Reference URI="#xpointer(/1/1/1/2)">
<Transforms>
<Transform
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</Transforms>
<DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<DigestValue></DigestValue>
</Reference>
<Reference URI="#xpointer(/1/1/1/3)">
<Transforms>
<Transform
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</Transforms>
<DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<DigestValue></DigestValue>
</Reference>
<Reference URI="#xpointer(/1/1/2/1)">
<Transforms>
<Transform
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</Transforms>
<DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<DigestValue></DigestValue>
</Reference>
</SignedInfo>
<SignatureValue></SignatureValue>
<KeyInfo>
<X509Data>
</X509Data>
</KeyInfo>
</Signature>
</wsse:Security>
</soap:Header>
<soap:Body wsu:Id="Id-59ef0d9b-1ac6-4fff-85cb-3f52ec95c47c"
xmlns:wsu="http://schemas.xmlsoap.org/ws/2002/07/utility">
<SendPackets xmlns="https://ei.sst.dk/">
<Packets>
<SoapPacket>
<SoapData>testdata3</SoapData>
<Found>false</Found>
</SoapPacket>
</Packets>
</SendPackets>
</soap:Body>
</soap:Envelope>
More information about the xmlsec
mailing list