Yes, you might need to re-compile xmlsec. xmlsec-openssl is the default crypto engine thus ./configure probably just didn't find openssl for whatever reason. Run ./configure and look at the output and logs to figure out what is happening.
Aleksey On 3/4/14, 10:09 AM, Derek Nutile wrote: > Thank you for your response Aleksey. > > How do I use OpenSSL instead of GCrypt? Do I recompile the xmlsec > source? I looked at the ./configure --help output and it's not clear to > me how to. Should I add ' --with-openssl=path'? Should I also use ' > --without-gcrypt'? > > > On Tue, Mar 4, 2014 at 6:09 AM, Aleksey Sanin <[email protected] > <mailto:[email protected]>> wrote: > > Sounds like you are using GCrypt and it doesn't support PEM key format. > Try to use OpenSSL instead. > > Aleksey > > On 3/1/14, 1:43 PM, Derek Nutile wrote: > > Hello Aleksey, > > > > Hopefully you can help me. I'm implementing Django SAML > > (https://bitbucket.org/lgs/djangosaml2) in a project which relies on > > your XMLSec library. The application works flawlessly on my local > > development environment (Mac), but returns errors on my staging > server, > > an Amazon EC2 instance. I'm struggling to isolate the issue. The > > exception that is generated in my SAML application is as follows: > > > > Exception: > > > > func=xmlSecGCryptAppKeyLoadMemory:file=app.c:line=248:obj=unknown:subj=unknown:error=17:invalid > > format:format=7 > > > > func=xmlSecGCryptAppKeyLoad:file=app.c:line=176:obj=unknown:subj=xmlSecGCryptAppKeyLoadMemory:error=1:xmlsec > > library function failed:filename=/tmp/tmpZIPa5a.pem > > > > func=xmlSecAppCryptoSimpleKeysMngrKeyAndCertsLoad:file=crypto.c:line=118:obj=unknown:subj=xmlSecCryptoAppKeyLoad:error=1:xmlsec > > library function failed:uri=/tmp/tmpZIPa5a.pem > > Error: failed to load public key from "/tmp/tmpZIPa5a.pem". > > Error: keys manager creation failed > > > > I've installed XMLSec on the Amazon EC2 instance. To do so, I had to > > install from source. The first note is that I receive failures when > > running a "make check" as I reported here: > > https://bugzilla.gnome.org/show_bug.cgi?id=725279. That bug post > has an > > attachment of the output, but the two main failures are: > > > > transform "rsa-1_5" and "rsa-oaep-mgf1p" not found > > > > My question is this: does this sound like a library issue (missing > > library or version mismatch)? > > > > You ask that I supply following for a question or bug report: > > XMLSec version number (or the snapshot date): > > xmlsec version: xmlsec1 1.2.19 (gcrypt) > > > > The platform/compiler you are using: > > Amazon Linux AMI release 2013.09 > > Kernel: 3.4.76-65.111.amzn1.x86_64 > > gcc (GCC) 4.6.3 20120306 (Red Hat 4.6.3-2) > > > > The exact xmlsec utility command line: > > /usr/local/bin/xmlsec1 > > > > All the files mentioned in this command line: > > ** I'm not sure how to list these? > > > > The xmlsec utility output: > > ** I don't know how to run the xmlsec utility > > > > Additional library information from the Amazon EC2 instance that > may be > > important: > > libxml2.x86_64 version: 2.9.1-1.1.28.amzn1 > > libxml2-devel.x86_64 version: 2.9.1-1.1.28.amzn1 > > libxslt.x86_64 version: 1.1.26-2.7.amzn1 > > libxslt-devel.x86_64 version: 1.1.26-2.7.amzn1 > > OpenSSL version: 1.0.1e-fips > > > > Thank you for your time and attention, > > Derek Nutile > > > > > > _______________________________________________ > > xmlsec mailing list > > [email protected] <mailto:[email protected]> > > http://www.aleksey.com/mailman/listinfo/xmlsec > > > > _______________________________________________ xmlsec mailing list [email protected] http://www.aleksey.com/mailman/listinfo/xmlsec
