Aleksey Sanin wrote:
Aleksey did presence of self signed root certificate in document
violate standard ?
Not really. And I already suggested that and it seems the situation
did not improve.
Aleksey
The error 1) "unable to get local issuer certificate" is very specific
(note word local).
It is different from 2) "unable to get issuer certificate".
If trusted root is not in store the usual error is 3) "self signed
certificate in certificate chain" but Paul case is different.
May be test case aleksey-xmldsig-01/enveloping-rsa-x509chain will raise
same message if root certificate is with
basicConstraints=critical,CA:TRUE,pathlen:3 ?
Roumen
_______________________________________________
xmlsec mailing list
[email protected]
http://www.aleksey.com/mailman/listinfo/xmlsec
