Are you sure that the cacert.pem contains the certificate for nfcek.pem key? It looks like you are signing with one key and verifying with another.
Aleksey On 11/24/14 10:15 AM, Renato Fermi wrote: > I've added 2 files (inuput) 0AU00209.xml and output.xml. > > > > > 2014-11-24 16:05 GMT-02:00 Aleksey Sanin <[email protected] > <mailto:[email protected]>>: > > How does the input.xml looks like? > > Aleksey > > On 11/24/14 9:58 AM, Renato Fermi wrote: > > Hello Aleksey, > > > > I'm having troubles after sucessfully signing a XML, when > verifying it. > > > > What I've done: > > - Signed XML with my cert key and cacert : > > $ xmlsec1 --sign --id-attr:Id infNFe --privkey-pem > nfcek.pem,cacert.pem > > --output signed.xml input.xml > > - Verified the signature: > > xmlsec1 --verify --id-attr:Id infNFe --privkey-pem > nfcek.pem,cacert.pem > > signed.xml > > > > And received the return: > > > > func=xmlSecOpenSSLEvpSignatureVerify:file=signatures.c:line=493:obj=rsa-sha1:subj=EVP_VerifyFinal:error=18:data > > do not match:signature do not match > > FAIL > > SignedInfo References (ok/all): 1/1 > > Manifests References (ok/all): 0/0 > > Error: failed to verify file "signed.xml" > > > > Am I doing anything wrong? > > > > Thanks in advance. > > > > Renato Fermi > > > > > > _______________________________________________ > > xmlsec mailing list > > [email protected] <mailto:[email protected]> > > http://www.aleksey.com/mailman/listinfo/xmlsec > > > > > > > _______________________________________________ > xmlsec mailing list > [email protected] > http://www.aleksey.com/mailman/listinfo/xmlsec > _______________________________________________ xmlsec mailing list [email protected] http://www.aleksey.com/mailman/listinfo/xmlsec
