[xmlsec] Signing XMLs with X509 certificate

Aleksey Sanin aleksey at aleksey.com
Tue Mar 3 07:36:16 PST 2009 

I can't tell you what is wrong because I don't have template
to look at.

Aleksey

Jorge Augusto Senger wrote:
> Hi Aleksey, thanks for your reply.
> 
> Reading the list files I found this message: 
> http://www.aleksey.com/pipermail/xmlsec/2003/005354.html.
> Based on it, I used the following commands to sign my XML:
> 
> $ openssl pkcs12 -in certificate.pfx -out certificate.pem -des3
> $ xmlsec1 --sign --output out.xml --privkey-pem certificate.pem --pwd 
> xxx sign_template.xml
> 
> Jorge
> 
> On Tue, Mar 3, 2009 at 11:38 AM, Aleksey Sanin <aleksey at aleksey.com 
> <mailto:aleksey at aleksey.com>> wrote:
> 
>     The error is "key is not found". You need to make sure that the
>     *correct* key is loaded in the key manager and that the template
>     refers to the key correctly.
> 
>     Aleksey
> 
>     Jorge Augusto Senger wrote:
> 
>         - Show quoted text -
>         Hi everybody,
> 
>         I'm trying to sign a XML file with a X509 certificate but
>         xmlsec1 fails:
> 
>         # xmlsec1 --sign sign_template.xml --pkcs12 cert.pfx
>         func=xmlSecKeysMngrGetKey:file=keys.c:line=1364:obj=unknown:subj=xmlSecKeysMngrFindKey:error=1:xmlsec
>         library function failed:
>         func=xmlSecDSigCtxProcessKeyInfoNode:file=xmldsig.c:line=871:obj=unknown:subj=unknown:error=45:key
>         is not found:
>         func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=565:obj=unknown:subj=xmlSecDSigCtxProcessKeyInfoNode:error=1:xmlsec
>         library function failed:
>         func=xmlSecDSigCtxSign:file=xmldsig.c:line=303:obj=unknown:subj=xmlSecDSigCtxSigantureProcessNode:error=1:xmlsec
>         library function failed:
>         Error: signature failed
>         Error: failed to sign file "sign_template.xml"
> 
>         I'm using Debian 4.0 with the following xmlsec packages:
> 
>         xmlsec1/etch uptodate 1.2.9-5
>         libxmlsec1-openssl/etch uptodate 1.2.9-5
>         libxmlsec1-gnutls/etch uptodate 1.2.9-5
>         libxmlsec1-nss/etch uptodate 1.2.9-5
>         libxmlsec1/etch uptodate 1.2.9-5
>         libxmlsec1-dev/etch uptodate 1.2.9-5
> 
>         So, can somebody help me with this error?
> 
>         Thanks in advance,
> 
>         -- 
>         Jorge Augusto Senger
>         jasenger (at) gmail.com <http://gmail.com> <http://gmail.com>
> 
> 
>         ------------------------------------------------------------------------
> 
>         _______________________________________________
>         xmlsec mailing list
>         xmlsec at aleksey.com <mailto:xmlsec at aleksey.com>
>         http://www.aleksey.com/mailman/listinfo/xmlsec
> 
> 
> 
> 
> -- 
> Jorge Augusto Senger
> jasenger (at) gmail.com <http://gmail.com>
> 
> 
> ------------------------------------------------------------------------
> 
> _______________________________________________
> xmlsec mailing list
> xmlsec at aleksey.com
> http://www.aleksey.com/mailman/listinfo/xmlsec

More information about the xmlsec mailing list