http://www.mail-archive.com/[EMAIL PROTECTED]/msg45532.html
wz qiang wrote:
hi all, I am doing some signature verification test with trusted certificates. I used "xmlSecCryptoAppKeysMngrCertLoad(keys_mngr, ca_file, xmlSecKeyDataFormatPem, xmlSecKeyDataTypeTrusted)" to load the ca certificate into keymanager, there is <X509Data/> under <Signature><KeyInfo/></Signature>. But when I verify the signature (xmlSecDSigCtxVerify), I get the following error. The ca certificate is exactly the one which sign the certificate under <X509Data/>. And I also tried to use xmlSecOpenSSLAppKeysMngrAddCertsFile(keys_mngr, cafile) to load the ca ceriticate, and got the same error. Could somebody give some hint about sloving this problem? func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=360:obj=x509-store:subj=X509_verify_cert:error=4:crypto library function failed:subj=/C=NO/ST=Oslo/O=UiO/CN=test;err=20;msg=unable to get local issuer certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=408:obj=x509-store:subj=unknown:error=71:certificate verification failed:err=20;msg=unable to get local issuer certificate func=xmlSecKeysMngrGetKey:file=keys.c:line=1364:obj=unknown:subj=xmlSecKeysMngrFindKey:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessKeyInfoNode:file=xmldsig.c:line=871:obj=unknown:subj=unknown:error=45:key is not found: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=565:obj=unknown:subj=xmlSecDSigCtxProcessKeyInfoNode:error=1:xmlsec library function failed: func=xmlSecDSigCtxVerify:file=xmldsig.c:line=366:obj=unknown:subj=xmlSecDSigCtxSigantureProcessNode:error=1:xmlsec library function failed: Signature verification failed for saml:assertion Thanks in advance Weizhong Qiang _______________________________________________ xmlsec mailing list [email protected] http://www.aleksey.com/mailman/listinfo/xmlsec
_______________________________________________ xmlsec mailing list [email protected] http://www.aleksey.com/mailman/listinfo/xmlsec
