[xmlsec] xmlsec1 signing with x509 cert. (NO x509 cert)

Braja Biswal be.biswal at gmail.com
Sun Jun 14 23:54:42 PDT 2009


Is my configuration command is correct?
./configure --enable-crypto-dl=no --enable-x509=yes
--with-openssl=/usr/local/ssl
Or any other options I have to try?

On Mon, Jun 15, 2009 at 11:53 AM, Aleksey Sanin <aleksey at aleksey.com> wrote:

> Well, I don't know then.
>
> Aleksey
>
> Braja Biswal wrote:
>
>> I used the command
>> xmlsec1 --sign --output x509data-sn-test-untrusted.xml --privkey-pem
>> rsakey.pem --untrusted-pem rsacert.pem --print-debug x509data-sn-test.tmpl
>> Taking the sample cert
>> 1. *rsakey.pem* (xmlsec1-1.2.10\tests\keys)
>> 2. *rsacert.pem *(xmlsec1-1.2.10\tests\keys)
>> Which is having valid certs.
>>
>> In signed output its blank
>> --------------------------
>>      <X509Data>
>>            </X509Data>
>> --------------------------
>> On Mon, Jun 15, 2009 at 10:51 AM, Aleksey Sanin <aleksey at aleksey.com<mailto:
>> aleksey at aleksey.com>> wrote:
>>
>>    Do you have certs in the rsakey.p12 ?
>>
>>    Aleksey
>>
>>    Braja Biswal wrote:
>>
>>        Yes I have.
>>
>>             <X509Data>
>>               <X509SubjectName/>
>>               <X509IssuerSerial/>
>>               <X509SKI/>
>>               <X509Certificate/>
>>               <X509CRL/>
>>             </X509Data>
>>
>>        On Sat, Jun 13, 2009 at 10:03 PM, Aleksey Sanin
>>        <aleksey at aleksey.com <mailto:aleksey at aleksey.com>
>>        <mailto:aleksey at aleksey.com <mailto:aleksey at aleksey.com>>> wrote:
>>
>>           Do you have <X509Data> element in your template?
>>
>>           Aleksey
>>
>>           Braja Biswal wrote:
>>
>>               HI Aleksey,
>>
>>               I make the following steps
>>               1. ./configure --enable-crypto-dl=no --enable-x509=yes
>>               --with-openssl=/usr/local/ssl
>>               (./configure --enable-crypto-dl=no
>>         --with-openssl=/usr/local/ssl)
>>               2. make
>>               make install.
>>
>>               Now I tried to sign the templete files
>>               x509data-sn-test.tmpl
>>               x509data-test.tmpl
>>               enveloping-sha224-rsa-sha224.tmpl
>>               couple of other files with below options.
>>               *THERE IS NO X509 DATA *available in signed output files.
>>
>>               I used some commands like
>>               1.
>>               xmlsec1 --sign --output x509data-test-signed-untrusted.xml
>>               --print-debug --pkcs12 rsakey.p12 x509data-test.tmpl
>>               2.
>>               xmlsec1 --sign --output x509data-sn-test-untrusted.xml
>>               --privkey-pem rsakey.pem --untrusted-pem rsacert.pem
>>               --print-debug x509data-sn-test.tmpl
>>
>>               Can you please help?
>>               Where I am doing mistake.
>>
>>               Regards
>>               Braja
>>
>>
>>
>> ------------------------------------------------------------------------
>>
>>               _______________________________________________
>>               xmlsec mailing list
>>               xmlsec at aleksey.com <mailto:xmlsec at aleksey.com>
>>        <mailto:xmlsec at aleksey.com <mailto:xmlsec at aleksey.com>>
>>
>>               http://www.aleksey.com/mailman/listinfo/xmlsec
>>
>>
>>
>>
>> ------------------------------------------------------------------------
>>
>> _______________________________________________
>> xmlsec mailing list
>> xmlsec at aleksey.com
>> http://www.aleksey.com/mailman/listinfo/xmlsec
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.aleksey.com/pipermail/xmlsec/attachments/20090615/0d3e6867/attachment-0001.htm


More information about the xmlsec mailing list