[xmlsec] problems by xmlSecKeysMngrFindKey

Wouter wsh333 at gmail.com
Wed Oct 11 11:32:22 PDT 2006 

Hi Jurgen,

Did you check that the certificate is actually published into your 
personal certificate store? The MS crypto library looks by default only 
in your personal certs store (a.k.a. "MY" certs store).

Wouter

Jürgen Heiss wrote:
> Hi Ed,
>  
> The CN also doesn't work.
>  
> I tried like this.
>
> xmlSecKeyPtr key = xmlSecKeysMngrFindKey(mngr, (xmlChar *)"CN = xxx", 
> keyInfoCtx);
>
>  
>
> ------------------------------------------------------------------------
> *From:* Ed Shallow [mailto:ed.shallow at rogers.com]
> *Sent:* Mittwoch, 11. Oktober 2006 03:06
> *To:* 'Wouter'; Jürgen Heiss
> *Cc:* xmlsec at aleksey.com
> *Subject:* RE: [xmlsec] problems by xmlSecKeysMngrFindKey
>
> The substring following the CN= will work. This is the Common Name 
> sub-field and is not the same as the Friendly Name sub-field which is 
> entirely optional.
>
>  
>
> The full DN with all sub-fields will also work. Again check what MS 
> display using the MS Cert Viewer.
>
>  
>
> As Wouter indicated the Friendly Name is an entirely different 
> sub-field and not (yet) supported. Please check what the MS Cert 
> Viewer displays and ensure you are consistent with that.
>
>  
>
> Ed
>
>  
>
>  
>
>  
>
> ------------------------------------------------------------------------
>
> *From:* xmlsec-bounces at aleksey.com [mailto:xmlsec-bounces at aleksey.com] 
> *On Behalf Of *Wouter
> *Sent:* Tuesday, October 10, 2006 9:13 AM
> *To:* Jürgen Heiss
> *Cc:* xmlsec at aleksey.com
> *Subject:* Re: [xmlsec] problems by xmlSecKeysMngrFindKey
>
>  
>
> Serial Number is usually SN, Common Name CN, Country C... Check what 
> the certificate looks like in MS certificate store.
>
> Wouter
>
> Jürgen Heiss wrote:
>
> Hi,
>
>  
>
> My certificate subject look like this.
>
>  
>
> Serial Number = xxxxxx
>
> N = Dummy
>
> C = AT
>
>  
>
> How should look now the function call?
>
>  
>
> xmlSecKeyPtr key = xmlSecKeysMngrFindKey(mngr, (xmlChar *)"Serival 
> number = xxxxxx N = Dummy c = AT ", keyInfoCtx);
>
>  
>
> This down't work!
>
> ------------------------------------------------------------------------
>
> *From:* Wouter Ketting [mailto:wsh333 at gmail.com]
> *Sent:* Dienstag, 10. Oktober 2006 12:06
> *To:* Jürgen Heiss
> *Cc:* xmlsec at aleksey.com <mailto:xmlsec at aleksey.com>
> *Subject:* Re: [xmlsec] problems by xmlSecKeysMngrFindKey
>
> Search by friendly name is not (yet) supported. You could try search 
> by full subject DN, or apply the patch posted in 
> http://www.aleksey.com/pipermail/xmlsec/2006/003560.html 
> <http://www.aleksey.com/pipermail/xmlsec/2006/003560.html>and see 
> whether you are able to retrieve the certificate by friendly name.
>
> Wouter
>
> On 10/10/06, *Jürgen Heiss* < jheiss at mesonic.com 
> <mailto:jheiss at mesonic.com>> wrote:
>
> Hi Wouter,
>
>  
>
> Yes I use this three Init Functions.
>
> I don't get any error, "just" the result is always NULL.
>
> The parm (name) in the FindKey Function is the friendly name of the 
> cert, or should it be something else.
>
>  
>
> ------------------------------------------------------------------------
>
> *From:* Wouter Ketting [mailto:wsh333 at gmail.com 
> <mailto:wsh333 at gmail.com>]
> *Sent:* Dienstag, 10. Oktober 2006 11:38
> *To:* Jürgen Heiss
> *Cc:* xmlsec at aleksey.com <mailto:xmlsec at aleksey.com>
> *Subject:* Re: [xmlsec] problems by xmlSecKeysMngrFindKey
>
> As far as I know it is the same mechanism as used internally... Did 
> you initialize xmlsec lib properly (probably a redundant question, but 
> you never know):
>
> xmlSecInit();
> xmlSecCryptoAppInit(NULL);
> xmlSecCryptoInit();
>
> Also, do you get any error messages anywhere? Or the key is simply not 
> found?
>
> Wouter
>
> On 10/10/06, *Jürgen Heiss* < jheiss at mesonic.com 
> <mailto:jheiss at mesonic.com>> wrote:
>
> I forgot to tell that I'm using mscrypto.
>
>  
>
> ------------------------------------------------------------------------
>
> *From:* xmlsec-bounces at aleksey.com <mailto:xmlsec-bounces at aleksey.com> 
> [mailto: xmlsec-bounces at aleksey.com 
> <mailto:xmlsec-bounces at aleksey.com>] *On Behalf Of *Jürgen Heiss
> *Sent:* Dienstag, 10. Oktober 2006 11:06
> *To:* xmlsec at aleksey.com <mailto:xmlsec at aleksey.com>
> *Subject:* [xmlsec] problems by xmlSecKeysMngrFindKey
>
> I try to Find a Key but it always returns Null.
>
>  
>
>  
>
>     xmlSecKeysMngrPtr mngr = xmlSecKeysMngrCreate(); 
>     xmlSecCryptoAppDefaultKeysMngrInit(mngr);
>
>  
>
>     /* locate and load key you want to use */
>     xmlSecKeyInfoCtxPtr keyInfoCtx = xmlSecKeyInfoCtxCreate(mngr);
>     xmlSecKeyPtr key = xmlSecKeysMngrFindKey(mngr, (xmlChar *)"dummy", 
> keyInfoCtx);
>
>  
>
>  
>
> I my computer exists a certificate with the name CN=dummy.
>
> any ideas what went wrong?
>
>
> _______________________________________________
> xmlsec mailing list
> xmlsec at aleksey.com <mailto:xmlsec at aleksey.com>
> http://www.aleksey.com/mailman/listinfo/xmlsec
>
>
>
>  
>
>  
>
>
> --
> No virus found in this incoming message.
> Checked by AVG Free Edition.
> Version: 7.1.407 / Virus Database: 268.13.0/465 - Release Date: 10/6/2006
>
>
> --
> No virus found in this outgoing message.
> Checked by AVG Free Edition.
> Version: 7.1.407 / Virus Database: 268.13.0/465 - Release Date: 10/6/2006
>

-------------- next part --------------
Skipped content of type multipart/related

More information about the xmlsec mailing list