[xmlsec] Having problems getting xmlsec working: Error: failed to initialize keys manager. A little help?

Wolf Noble wnoble at comcourse.com
Thu Oct 30 10:51:37 PST 2008

Hi guys,

I've googled extensively, removed clumps of hair, sacrificed a small chicken, recompiled xmlsec a few times, reinstalled openssl rpms... To no avail.

Here's my setup:

In testing, I'm running centos, with openssl 0.9.7a rpm installed, xmlsec 1.2.11 compiled from source.

In production, I'm running RHEL, with openssl 0.9.7a and openssl-devel 0.9.7a rpms installed, xmlsec 1.2.11 compiled from source.

In testing, xmlsec works fine.
In production, attempting to run xmlsec results in the following:

root at www foo]#  xmlsec1 --sign --privkey-pem dsaprivkey.pem --pubkey-der dsapubkey.der --output foo.xml in.xml
func=xmlSecOpenSSLX509StoreInitialize:file=x509vfy.c:line=651:obj=x509-store:subj=X509_LOOKUP_add_dir:error=4:crypto library function failed:
func=xmlSecKeyDataStoreCreate:file=keysdata.c:line=1328:obj=x509-store:subj=id->initialize:error=1:xmlsec library function failed:
func=xmlSecOpenSSLKeysMngrInit:file=crypto.c:line=313:obj=unknown:subj=xmlSecKeyDataStoreCreate:error=1:xmlsec library function failed:xmlSecOpenSSLX509StoreId
func=xmlSecOpenSSLAppDefaultKeysMngrInit:file=app.c:line=1270:obj=unknown:subj=xmlSecOpenSSLKeysMngrInit:error=1:xmlsec library function failed:
Error: failed to initialize keys manager.
Error: keys manager creation failed

Several posts on the web have stated this to be "something wrong with the openssl certs dir"
But /usr/share/ssl exists, and I don't see anything wrong with it.
I've not seen anyone's solutions to the problem, just a vague pointer to something wrong.

Can anyone help shed a little light on what I'm missing? I've got to get this working today.

Thanks much in advance. Your pointers are appreciated.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.aleksey.com/pipermail/xmlsec/attachments/20081030/25d4ae4f/attachment.htm

More information about the xmlsec mailing list