Sorry for delay with response... Just too many things happen in the same time :(
Anyway, I have some questions about the patch: 1) Do you have some specific problem you are trying to address with this patch? It seem like you do call xmlSecBuildChainUsingWinapi() function right before doing xmlsec cert verification. And in all my tests cases this function never returns "OK". 2) In all the MSDN examples I can find, CertGetCertificateChain() function always has NULL for the "additional store" parameter and in the code you pass the trusted certificates handle. Are you sure that this is the correct way? Shouldn't it be untrusted certs or may be CRLs list instead? 3) I don't see how CertGetCertificateChain() function handles CRLs that might have been passed to xmlsec. Best, Aleksey _______________________________________________ xmlsec mailing list [email protected] http://www.aleksey.com/mailman/listinfo/xmlsec
