From the general security point of view the data are *not valid* if the cert is expired. If you really want to do this then you should take a look at the OpenSSL cert verification function and remove date check. However, this is DANGEROUSE!
Aleksey. Roman Bouchner wrote: >Hello >I would like to verify signed data however signer's certificate has >already expired. I want only verify data integrity. >If I use function xmlSecDSigValidate, it returns negative value, so I >cannot determine if data was changed or not. >If I change local date it does work, however it is not right way I >think.. >How I can solve this problems? >Thanks:) >Roman Bouchner > > >_______________________________________________ >xmlsec mailing list >[EMAIL PROTECTED] >http://www.aleksey.com/mailman/listinfo/xmlsec > > _______________________________________________ xmlsec mailing list [EMAIL PROTECTED] http://www.aleksey.com/mailman/listinfo/xmlsec
