to just place all the certs (including root CA cert) in the <X509Certificate>
because certs not only give you a key but also establish a "trust".
Use "--trusted" option for xmlsec command line utility or xmlSecX509StoreLoadPemCert()
function in your code.
Aleksey
Asbj�rn Oskal wrote:
Hi!
I have added <X509Certificate> elements to a signature (both the signers certificate and
the corresponding CA certificate).
Will these automatically be used in the verification process? I thought they would, but verification failed so I just wanted to check.
:)
_______________________________________________ xmlsec mailing list [EMAIL PROTECTED] http://www.aleksey.com/mailman/listinfo/xmlsec
