[xmlsec] xmlsec1 signing with x509 cert. (NO x509 cert)
Aleksey Sanin
aleksey at aleksey.com
Sun Jun 14 23:59:41 PDT 2009
As I said, I don't know. I don't have any other ideas.
Aleksey
Braja Biswal wrote:
> Is my configuration command is correct?
> ./configure --enable-crypto-dl=no --enable-x509=yes
> --with-openssl=/usr/local/ssl
> Or any other options I have to try?
>
> On Mon, Jun 15, 2009 at 11:53 AM, Aleksey Sanin <aleksey at aleksey.com
> <mailto:aleksey at aleksey.com>> wrote:
>
> Well, I don't know then.
>
> Aleksey
>
> Braja Biswal wrote:
>
> I used the command
> xmlsec1 --sign --output x509data-sn-test-untrusted.xml
> --privkey-pem rsakey.pem --untrusted-pem rsacert.pem
> --print-debug x509data-sn-test.tmpl
> Taking the sample cert
> 1. *rsakey.pem* (xmlsec1-1.2.10\tests\keys)
> 2. *rsacert.pem *(xmlsec1-1.2.10\tests\keys)
> Which is having valid certs.
>
> In signed output its blank
> --------------------------
> <X509Data>
> </X509Data>
> --------------------------
> On Mon, Jun 15, 2009 at 10:51 AM, Aleksey Sanin
> <aleksey at aleksey.com <mailto:aleksey at aleksey.com>
> <mailto:aleksey at aleksey.com <mailto:aleksey at aleksey.com>>> wrote:
>
> Do you have certs in the rsakey.p12 ?
>
> Aleksey
>
> Braja Biswal wrote:
>
> Yes I have.
>
> <X509Data>
> <X509SubjectName/>
> <X509IssuerSerial/>
> <X509SKI/>
> <X509Certificate/>
> <X509CRL/>
> </X509Data>
>
> On Sat, Jun 13, 2009 at 10:03 PM, Aleksey Sanin
> <aleksey at aleksey.com <mailto:aleksey at aleksey.com>
> <mailto:aleksey at aleksey.com <mailto:aleksey at aleksey.com>>
> <mailto:aleksey at aleksey.com <mailto:aleksey at aleksey.com>
> <mailto:aleksey at aleksey.com <mailto:aleksey at aleksey.com>>>> wrote:
>
> Do you have <X509Data> element in your template?
>
> Aleksey
>
> Braja Biswal wrote:
>
> HI Aleksey,
>
> I make the following steps
> 1. ./configure --enable-crypto-dl=no --enable-x509=yes
> --with-openssl=/usr/local/ssl
> (./configure --enable-crypto-dl=no
> --with-openssl=/usr/local/ssl)
> 2. make
> make install.
>
> Now I tried to sign the templete files
> x509data-sn-test.tmpl
> x509data-test.tmpl
> enveloping-sha224-rsa-sha224.tmpl
> couple of other files with below options.
> *THERE IS NO X509 DATA *available in signed output
> files.
>
> I used some commands like
> 1.
> xmlsec1 --sign --output
> x509data-test-signed-untrusted.xml
> --print-debug --pkcs12 rsakey.p12 x509data-test.tmpl
> 2.
> xmlsec1 --sign --output x509data-sn-test-untrusted.xml
> --privkey-pem rsakey.pem --untrusted-pem rsacert.pem
> --print-debug x509data-sn-test.tmpl
>
> Can you please help?
> Where I am doing mistake.
>
> Regards
> Braja
>
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> xmlsec mailing list
> xmlsec at aleksey.com <mailto:xmlsec at aleksey.com>
> <mailto:xmlsec at aleksey.com <mailto:xmlsec at aleksey.com>>
> <mailto:xmlsec at aleksey.com <mailto:xmlsec at aleksey.com>
> <mailto:xmlsec at aleksey.com <mailto:xmlsec at aleksey.com>>>
>
>
> http://www.aleksey.com/mailman/listinfo/xmlsec
>
>
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> xmlsec mailing list
> xmlsec at aleksey.com <mailto:xmlsec at aleksey.com>
> http://www.aleksey.com/mailman/listinfo/xmlsec
>
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> xmlsec mailing list
> xmlsec at aleksey.com
> http://www.aleksey.com/mailman/listinfo/xmlsec
More information about the xmlsec
mailing list