When I run the following on the attached files, I get the error below:
xmlsec sign --privkey DumpedKey.pem,DumpedCert.pem --output x1-sig.xml
x1-sig-template.xml
You have a minor problem in your templpate: you've had empty <ds:X509Certificate/> element in <ds:X509Data/> element and this caused Base64 error you've seen :) Removing it solved all the problems and the command above succeded (see attached file).
So not knowing exactly what was wrong I stored the X500 cert in the template and ran the following:
xmlsec sign --privkey DumpedKey.pem,DumpedCert.pem --output x1-sig.xml x2-sig-template.xml
xmlSecX509StoreVerify (..\src\x509.c:1090): error 41: cert verification failed : error=18 (self signed certificate) xmlSecX509DataNodeRead (..\src\keyinfo.c:1196): error 41: cert verification failed :
You've stored certificate in the template and xmlsec decided that it needs to read it. And the cert verification failed because there were no "root" certificate.
I prefer to discuss xmlsec questions in the xmlsec mailing list so this message is copied to the list.
Aleksey
x1-sig-template.xml.gz
Description: GNU Zip compressed data
