No matter what I try, I can't seem to get xmlsec.exe to sign a template with my untrusted-der certificate. I consistently get error messages about the object not being found.
xmlsec - -sign - -untrusted-der julie.cer test.xml
I've been able to use the library to validate signatures created with this key.
Admittedly, I'm not exactly sure what to put in a template when using an untrusted-der. I've tried all sorts of combinations, and none of them seem to work.
The latest is:
<?xml version="1.0" encoding="UTF-8"?>
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"></CanonicalizationMethod>
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"></SignatureMethod>
<Reference URI="http://server.example.com/test.txt">
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></DigestMethod>
<DigestValue></DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>
</SignatureValue>
<KeyInfo>
<X509Data>
</X509Data>
</KeyInfo>
</Signature>
Any suggestions?
-- Regards,
J. Bielski
- [xmlsec] signing with untrusted-der Julianne Bielski
- Re: [xmlsec] signing with untrusted-der Aleksey Sanin
- Re: [xmlsec] signing with untrusted-der Julianne Bielski
