[xmlsec] Including X509 cert chain in Signature
aleksey at aleksey.com
Mon Jan 14 19:10:51 PST 2008
> 1/ How do I force inclusion of the root certificate?
You don't want to. Root certificate (trusted certificate)
establishes "trust" and it should be communicated to
the verifier by the outside trusted channel.
> 2/ Should the signature verify in the absence of the root certificate?
No. See above.
You might want to read a book on PKI/certificates.
More information about the xmlsec