[xmlsec] Verifying signature with embedded x509 cert
Jim Nutt
jim at nuttz.org
Tue Dec 4 18:36:10 PST 2007
Do I need to load the trusted roots manually (does the xmlsec utility?)? If
that's the case, that may be why xmlsec will verify it but my code won't, it
doesn't load the root certificates. I'll give that a try.
On Dec 4, 2007 8:19 PM, Aleksey Sanin <aleksey at aleksey.com> wrote:
> Yes, it will get a key from the certificate! You need a trusted
> certificate (e.g. root CA certificate) to have the certificate
> in the signature verified.
>
> Aleksey
>
>
> Jim Nutt wrote:
> > Ok, a bit more info. The xmlsec utility will verify the signature
> > without being passed the pem file separately, so it apparently is able
> > to suck the key from the signature. I'm trying to create a minimal size
> > code set that demonstrates the problem, I'll post that when I have it.
> >
>
--
Jim Nutt
http://jim.nuttz.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.aleksey.com/pipermail/xmlsec/attachments/20071204/60c61d53/attachment-0002.htm
More information about the xmlsec
mailing list