[xmlsec] Verifying signature with embedded x509 cert

Aleksey Sanin aleksey at aleksey.com
Mon Dec 3 23:03:32 PST 2007

xmlSecOpenSSLAppKeyLoadMemory() ???


Jim Nutt wrote:
> Ok, I'm pulling my hair out on this one. I'm trying to verify an xml 
> signature based on the x509 certificate embedded in the keyinfo and I 
> can not get it to work. If I verify using the same pem file I used for 
> signing, it verifies ok, so I know the signature is valid. The problem 
> is getting it to validate without going to the original pem file. I've 
> tried the straight forward method of letting xmlSecDSigVerify load the 
> key, but it can't find the key in signature. I've even tried writing the 
> base64 data to a file (bracketed with -----BEGIN CERTIFICATE----- and 
> -----END CERTIFICATE-----) and then loading that file as the 
> certificate. It refuses to read the file. And yes, I know the file is a 
> valid pem file because openssl x509 -in filename -text reads it just fine.
> Any suggestions would be greatly appreciated, as I'm on a time crunch on 
> this (now... wasn't when I started... *sigh*)
> -- 
> Jim Nutt
> http://jim.nuttz.org <http://jim.nuttz.org>
> ------------------------------------------------------------------------
> _______________________________________________
> xmlsec mailing list
> xmlsec at aleksey.com
> http://www.aleksey.com/mailman/listinfo/xmlsec

More information about the xmlsec mailing list