Try
--verification-time "2010-11-12 20:45:34"
On 11/22/10 2:37 AM, mahendra N wrote:
Hi ,
I have tried the folowing command
xmlsec1 --verify --id-attr:Id LicenceData --verification-time
"2010-12-12 20:45:34" --trusted-pem root_kuc.pem license.xml
license.xml is signed by root_kuc.pem, which expires on 2010-12-02.
I get the following error:
func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=360:obj=x509-store:subj=X509_verify_cert:error=4:crypto
library function failed:subj=/C=US/ST=Newyork/O=Company/OU=BI/CN=Company
Licence Generator ILG;err=10;msg=certificate has expired
func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=400:obj=x509-store:subj=unknown:error=76:certificate
has expirred:err=10;msg=certificate has expired
func=xmlSecKeysMngrGetKey:file=keys.c:line=1364:obj=unknown:subj=xmlSecKeysMngrFindKey:error=1:xmlsec
library function failed:
func=xmlSecDSigCtxProcessKeyInfoNode:file=xmldsig.c:line=871:obj=unknown:subj=unknown:error=45:key
is not found:
func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=565:obj=unknown:subj=xmlSecDSigCtxProcessKeyInfoNode:error=1:xmlsec
library function failed:
func=xmlSecDSigCtxVerify:file=xmldsig.c:line=366:obj=unknown:subj=xmlSecDSigCtxSigantureProcessNode:error=1:xmlsec
library function failed:
Error: signature failed
ERROR
SignedInfo References (ok/all): 1/1
Manifests References (ok/all): 0/0
Error: failed to verify file "license.xml"
Thanks and Regards,
Mahendra Naik
2010/11/22 mahendra N <[email protected]
<mailto:[email protected]>>
Hi,
I want to verify a file, signed with a digital certificate which
has expired. Is there a way in xmlsec to skip the checking of expiry
date of certificates, and only check for the keys?
Thanks and Regards,
Mahendra Naik
_______________________________________________
xmlsec mailing list
[email protected]
http://www.aleksey.com/mailman/listinfo/xmlsec
_______________________________________________
xmlsec mailing list
[email protected]
http://www.aleksey.com/mailman/listinfo/xmlsec