[xmlsec] Adding X509 Certificate

Daniel Johansson daniel at metodika.se
Fri Mar 3 14:29:33 PST 2006

Thanks, now I got it right.

I got one more problem however. Can I use the <BinarySecurityToken> and
<SecurityTokenReference> element to insert a certificate, instead of using
<X509Data> and <X509Certificate>? Is there a difference between the two?




Referencing this element outside the <signature> element:

<wsse:BinarySecurityToken ValueType="wsse:X509v3"

On 06-03-03 17.48, "Aleksey Sanin" <aleksey at aleksey.com> wrote:

>> The manual says that "--privkey-pem" loads both private key and
>> certificate.
> http://www.aleksey.com/xmlsec/xmlsec-man.html
> --privkey-pem[:<name>] <file>[,<cafile>[,<cafile>[...]]]
>    load private key from PEM file and certificates that verify this key
> Dmitry is correct. You are loading *only* private key. You need
> to put certificate into a separate file and specify it after comma
> (see the command above).
> Aleksey

More information about the xmlsec mailing list