[xmlsec] Urgent help needed : Certificate verification failed
Ashish Agrawal
meetashish at gmail.com
Thu Jun 4 05:12:44 PDT 2009
Hi Aleksey,
I ve a problem where i v a root CA and and two certificates in the chain,
when i try to verify the chain using openssl it works :
openssl verify -CAfile root.pem EE.pem
but when i to to verify using xmlsec it fails with the error :
func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=360:obj=x509-store:subj=X509_verify_cert:error=4:crypto
library function failed:subj=/C=CN/ST=BJ/O=JIL/OU=JIL/CN=JIL EE
demo;err=20;msg=unable to get local issuer certificate
func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=408:obj=x509-store:subj=unknown:error=71:certificate
verification failed:err=20;msg=unable to get local issuer certificate
func=xmlSecKeysMngrGetKey:file=keys.c:line=1364:obj=unknown:subj=xmlSecKeysMngrFindKey:error=1:xmlsec
library function failed:
func=xmlSecDSigCtxProcessKeyInfoNode:file=xmldsig.c:line=884:obj=unknown:subj=unknown:error=45:key
is not found:
func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=578:obj=unknown:subj=xmlSecDSigCtxProcessKeyInfoNode:error=1:xmlsec
library function failed:
func=xmlSecDSigCtxVerify:file=xmldsig.c:line=379:obj=unknown:subj=xmlSecDSigCtxSigantureProcessNode:error=1:xmlsec
library function failed:
Error: signature failed
ERROR
SignedInfo References (ok/all): 6/6
Manifests References (ok/all): 0/0
Does xmlsec imposes ny additional constraint on the certificate validation
and if yes what are they ?
Regards,
Ashish
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.aleksey.com/pipermail/xmlsec/attachments/20090604/fb1ec324/attachment.htm
More information about the xmlsec
mailing list