Many thanks for clearifying that issue for me!
I was short before to go stupid on that ... ;-))
Ingo Fischer
Aleksey Sanin wrote:
Yes, you are right about -CAfile, I forget it, sorry. Actually,
everything works just
fine for me now (and all the openssl stuff was not needed :) ):
[EMAIL PROT
Hello !
Ops.. The line was too long and I missed the last two certs. However, this
changes nothing for me:
[EMAIL PROTECTED] openssl verify -CAfile c.pem b.pem
b.pem: OK
[EMAIL PROTECTED] openssl verify -CAfile b.pem a.pem
a.pem: /C=US/O=MasterCard International Incorpor
Yes, you are right about -CAfile, I forget it, sorry. Actually,
everything works just
fine for me now (and all the openssl stuff was not needed :) ):
[EMAIL PROTECTED] xmlsec verify --trusted c.pem
3dsec_xmldsig_verify_3006.xml
= Status:
== Signatures ok: 1
== Signatures fail: 0
=
In the XML-File there were 3 certificates at all included. The first
certificate you extracted as "a.pem".
I saved these certificates as b.pem and c.pem too.
Ops.. The line was too long and I missed the last two certs. However, this
changes nothing for me:
[EMAIL PROTECTED] openssl verify
Hello Aleskey,
In the XML-File there were 3 certificates at all included. The first certificate
you extracted as "a.pem".
I saved these certificates as b.pem and c.pem too.
when I run verify that with openssl I get an success for a.pem.
So you need all certificates which are presented in the XML
The issuer of the certificate in the signature
C=US, O=MasterCard International Incorporated Test System Subordinate,
OU=SecureCode Test System Subordinate CA Certificate,
CN=MasterCard SecureCode Test Issuer and Directory Subordinate
match none of the subjects of the certificates you sent to me.