Simplest way would probably be to extract the public key from the certificate using openssl command line tools and then load it from a PEM file into xmlsec.
Aleksey On 11/25/12 5:25 AM, Kurt Roeckx wrote: > Hi, > > I get the following error trying to verify a signature: > func=xmlSecKeysMngrGetKey:file=keys.c:line=1370:obj=unknown:subj=xmlSecKeysMngrFindKey:error=1:xmlsec > library function failed: > func=xmlSecDSigCtxProcessKeyInfoNode:file=xmldsig.c:line=871:obj=unknown:subj=unknown:error=45:key > is not found: > func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=565:obj=unknown:subj=xmlSecDSigCtxProcessKeyInfoNode:error=1:xmlsec > library function failed: > func=xmlSecDSigCtxVerify:file=xmldsig.c:line=366:obj=unknown:subj=xmlSecDSigCtxSigantureProcessNode:error=1:xmlsec > library function failed: > > It's using X509 certificates. But instead of adding the cert in > the xml file they put the fingerprint of the cert in KeyName, and > I have the cert locally in PEM format. > > So I created a key manager and loaded the cert with > xmlSecCryptoAppKeysMngrCertLoad(). But I think that's why it > can't find the cert because I can't give it the keyname they're > sending. > > I don't think I can use xmlSecKeySetName() because it's not > a key. > > How can I get this working? > > > Kurt > > _______________________________________________ > xmlsec mailing list > [email protected] > http://www.aleksey.com/mailman/listinfo/xmlsec > _______________________________________________ xmlsec mailing list [email protected] http://www.aleksey.com/mailman/listinfo/xmlsec
