[xmlsec] Verifying signature with embedded x509 cert
aleksey at aleksey.com
Tue Dec 4 17:19:45 PST 2007
Yes, it will get a key from the certificate! You need a trusted
certificate (e.g. root CA certificate) to have the certificate
in the signature verified.
Jim Nutt wrote:
> Ok, a bit more info. The xmlsec utility will verify the signature
> without being passed the pem file separately, so it apparently is able
> to suck the key from the signature. I'm trying to create a minimal size
> code set that demonstrates the problem, I'll post that when I have it.
More information about the xmlsec