Well, most likely, online verifier simply does not have
the right trusted certificate. Try to use xmlsec command
line utility instead.
Aleksey
Carlos González-Cadenas wrote:
Hi,
I've generated a signature and tried to use the online verifier in
aleksey.com <http://aleksey.com>. This service says that the signature
is broken (the reference validation is OK, but the crypto validation
over the c14n'ed signedInfo fails). I've also tested with Apache XMLDSig
and it works OK.
I've tried to manually repeat every step (first of all c14-ize the
signedInfo subtree (obtaining the same subtree serialized in a byte[] as
this subtree is "manually" pre-c14n'ed) and after that applying the hash
function over that byte[], obtaining consistent results).
Could you give me some light about that?.
Thank you very much in advance,
Carlos
_______________________________________________
xmlsec mailing list
[email protected]
http://www.aleksey.com/mailman/listinfo/xmlsec
