[xmlsec] LAst try with x509
chris at dctransform.com
Wed Jun 13 16:55:57 PDT 2007
I had a hunch that I may have messed up the creation of my keys and certs,
so... I went back and re-generated my public cert using the openssl
-set_serial option, and now I get *no errors* when signing or verifying
using the xmlsec command line utility!
However, it still does not populate the <X509IssuerSerial> node and
sub-nodes, only the X509Certificate node.
Is this simply not possible to do using the command line tool alone?
From: Chris McQueen [mailto:chris at dctransform.com]
Sent: Wednesday, June 13, 2007 5:51 PM
To: 'xmlsec at aleksey.com'
Subject: RE: [xmlsec] LAst try with x509
xmlsec1 --verify --id-attr:id Body --trusted-pem tfpubkey.crt tfsigned.xml
ec2bn:error=4:crypto library function failed:
SignedInfo References (ok/all): 1/1
Manifests References (ok/all): 0/0
From: Aleksey Sanin [mailto:aleksey at aleksey.com]
Sent: Wednesday, June 13, 2007 5:31 PM
To: chris at dctransform.com
Cc: xmlsec at aleksey.com
Subject: Re: [xmlsec] LAst try with x509
> xmlsec1 --verify --id-attr:id Body --pubkey-cert-pem tfpubkey.crt
> it returns the following errors:
Replace "--pubkey-cert-pem" with "--trusted-pem"
More information about the xmlsec