The notevyou quoted applies mostly to using mscrypto. Using KeyName with OpenSSL should also work as long as keys are loaded into XMLsec KeysManager. On Oct 24, 2011 6:53 AM, "Si St" <[email protected]> wrote:
> Excuse my interruption here, > but where is xmlsec1 searching to find the key in reference to the > <KeyName/>? Where should the key/cert be placed so that xmlsec1 can find it > (f.ex. among other keys)? Any specific directory? Remenber that xmlsec1 is > /usr/local/bin/xmlsec1 with me, and I wonder where the program will search. > In my particular case we are dealing with --crypto openssl > -- > Si St > [email protected] > > On Wednesday, October 19, 2011 9:33 PM, "EdShallow" < > [email protected]> wrote: > > OK, here is how it works with mscrypto and xmlsec 1.2.18 > > Example 1: > <KeyName>CA, GC, PWGSC-TPSGC, "Ed Shallow"</KeyName> > > Example 2 with a special character: > <KeyName>CA, GC, PWGSC-TPSGC, "Shallow, Ed"</KeyName> > > In other words, do not use the sub-type qualifiers in the DN string i.e. > cn= ou= o= c= > > Order is also important. > > Cheers, > Ed > > On Wed, Oct 19, 2011 at 7:38 PM, EdShallow <[email protected]> wrote: > > OK. Give me a day or so and I will check the source to see if anything has > changed in the CAPI calls. > > On Oct 19, 2011 7:29 PM, "Aleksey Sanin" <[email protected]> wrote: > > Not that I am aware of. > > Aleksey > > On 10/19/11 2:02 PM, EdShallow wrote: > > . . . sorry forgot to mention, this behavior is with mscrypto > Ed > > ---------- Forwarded message ---------- > From: "EdShallow" <[email protected] <mailto:[email protected]>> > Date: Oct 19, 2011 3:55 PM > Subject: Use of full DistinguishedName in KeyName > To: "[email protected] <mailto:[email protected]>" <[email protected] > <mailto:[email protected]>> > > Hi Aleksey, > > Use of full DN in KeyName template element used to work in oldwr > versions of xmlsec. > > As of 1.2.18 I can only get CommonName to work. > > Example: > This works > <KeyName>Shallow Ed</KeyName> > > This does not: > <KeyName>cn=Shallow Ed,ou=finance,o=acme,c=ca</KeyName> > > I receive an "Object or property cannot be found" message. > > Are there any constraints for naming? > > Ed > > > > _______________________________________________ > xmlsec mailing list > [email protected] > http://www.aleksey.com/mailman/listinfo/xmlsec > > > > > -- > Ed's Contact Information: > Mobile Phone: 613-852-6410 > Gmail: [email protected] > VOIP Address: [email protected] > VOIP DID#: 613-458-5004 > Skype ID: edward.shallow > Home Phone: 613-482-2090 > > > _______________________________________________ > xmlsec mailing > [email protected]http://www.aleksey.com/mailman/listinfo/xmlsec > > > > > -- http://www.fastmail.fm - Email service worth paying for. Try it for free > > > _______________________________________________ > xmlsec mailing list > [email protected] > http://www.aleksey.com/mailman/listinfo/xmlsec > >
_______________________________________________ xmlsec mailing list [email protected] http://www.aleksey.com/mailman/listinfo/xmlsec
