[xmlsec] certificate chain verification
aleksey at aleksey.com
Mon Jun 27 13:04:45 PDT 2011
mscrypto searches trusted certificates in the following order:
1) Key manager
2) Logged-in/current user crypro store
3) System crypto store
So answers to your questions are:
On 6/27/11 12:39 PM, EdShallow wrote:
> Does mscrypto check the certificate chain on a verify?
> a) - does the keysmngr have to be loaded with the trusted der-encoded
> b) - if the trusted certs are already in the MS crypto store, does
> this avoid having to loaded the trusted certs in the keysmngr?
> c) - Wil mscrypto throw a verify error if neither a) nor b) is performed?
> xmlsec mailing list
> xmlsec at aleksey.com
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the xmlsec