Ok, I'm pulling my hair out on this one. I'm trying to verify an xml signature based on the x509 certificate embedded in the keyinfo and I can not get it to work. If I verify using the same pem file I used for signing, it verifies ok, so I know the signature is valid. The problem is getting it to validate without going to the original pem file. I've tried the straight forward method of letting xmlSecDSigVerify load the key, but it can't find the key in signature. I've even tried writing the base64 data to a file (bracketed with -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----) and then loading that file as the certificate. It refuses to read the file. And yes, I know the file is a valid pem file because openssl x509 -in filename -text reads it just fine.
Any suggestions would be greatly appreciated, as I'm on a time crunch on this (now... wasn't when I started... *sigh*) -- Jim Nutt http://jim.nuttz.org
_______________________________________________ xmlsec mailing list xmlsec@aleksey.com http://www.aleksey.com/mailman/listinfo/xmlsec