[xmlsec] Keys Manager Creation Failed

Aleksey Sanin aleksey at aleksey.com
Tue Mar 4 06:09:43 PST 2014

Sounds like you are using GCrypt and it doesn't support PEM key format.
Try to use OpenSSL instead.


On 3/1/14, 1:43 PM, Derek Nutile wrote:
> Hello Aleksey,
> Hopefully you can help me.  I'm implementing Django SAML
> (https://bitbucket.org/lgs/djangosaml2) in a project which relies on
> your XMLSec library.  The application works flawlessly on my local
> development environment (Mac), but returns errors on my staging server,
> an Amazon EC2 instance.  I'm struggling to isolate the issue.  The
> exception that is generated in my SAML application is as follows:
> Exception:
> func=xmlSecGCryptAppKeyLoadMemory:file=app.c:line=248:obj=unknown:subj=unknown:error=17:invalid
> format:format=7
> func=xmlSecGCryptAppKeyLoad:file=app.c:line=176:obj=unknown:subj=xmlSecGCryptAppKeyLoadMemory:error=1:xmlsec
> library function failed:filename=/tmp/tmpZIPa5a.pem
> func=xmlSecAppCryptoSimpleKeysMngrKeyAndCertsLoad:file=crypto.c:line=118:obj=unknown:subj=xmlSecCryptoAppKeyLoad:error=1:xmlsec
> library function failed:uri=/tmp/tmpZIPa5a.pem
> Error: failed to load public key from "/tmp/tmpZIPa5a.pem".
> Error: keys manager creation failed
> I've installed XMLSec on the Amazon EC2 instance.  To do so, I had to
> install from source.  The first note is that I receive failures when
> running a "make check" as I reported here:
> https://bugzilla.gnome.org/show_bug.cgi?id=725279.  That bug post has an
> attachment of the output, but the two main failures are: 
> transform "rsa-1_5" and "rsa-oaep-mgf1p" not found
> My question is this: does this sound like a library issue (missing
> library or version mismatch)?
> You ask that I supply following for a question or bug report:
> XMLSec version number (or the snapshot date):
> xmlsec version: xmlsec1 1.2.19 (gcrypt)
> The platform/compiler you are using:
> Amazon Linux AMI release 2013.09
> Kernel: 3.4.76-65.111.amzn1.x86_64
> gcc (GCC) 4.6.3 20120306 (Red Hat 4.6.3-2)
> The exact xmlsec utility command line:
> /usr/local/bin/xmlsec1
> All the files mentioned in this command line:
> ** I'm not sure how to list these?
> The xmlsec utility output:
> ** I don't know how to run the xmlsec utility
> Additional library information from the Amazon EC2 instance that may be
> important:
> libxml2.x86_64 version: 2.9.1-1.1.28.amzn1
> libxml2-devel.x86_64 version: 2.9.1-1.1.28.amzn1
> libxslt.x86_64 version: 1.1.26-2.7.amzn1
> libxslt-devel.x86_64 version: 1.1.26-2.7.amzn1
> OpenSSL version: 1.0.1e-fips
> Thank you for your time and attention,
> Derek Nutile
> _______________________________________________
> xmlsec mailing list
> xmlsec at aleksey.com
> http://www.aleksey.com/mailman/listinfo/xmlsec

More information about the xmlsec mailing list