[xmlsec] Verifying signature with embedded x509 cert

Jim Nutt jim at nuttz.org
Tue Dec 4 18:36:10 PST 2007

Do I need to load the trusted roots manually (does the xmlsec utility?)? If
that's the case, that may be why xmlsec will verify it but my code won't, it
doesn't load the root certificates. I'll give that a try.

On Dec 4, 2007 8:19 PM, Aleksey Sanin <aleksey at aleksey.com> wrote:

> Yes, it will get a key from the certificate! You need a trusted
> certificate (e.g. root CA certificate) to have the certificate
> in the signature verified.
> Aleksey
> Jim Nutt wrote:
> > Ok, a bit more info. The xmlsec utility will verify the signature
> > without being passed the pem file separately, so it apparently is able
> > to suck the key from the signature. I'm trying to create a minimal size
> > code set that demonstrates the problem, I'll post that when I have it.
> >

Jim Nutt
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.aleksey.com/pipermail/xmlsec/attachments/20071204/60c61d53/attachment-0002.htm

More information about the xmlsec mailing list