<!--/*SC*/DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"/*EC*/-->
<html><head><title></title><style type="text/css"><!-- body{padding:1ex;margin:0;font-family:sans-serif;font-size:small}a[href]{color:-moz-hyperlinktext!important;text-decoration:-moz-anchor-decoration}blockquote{margin:0;border-left:2px solid #144fae;padding-left:1em}blockquote blockquote{border-color:#006312}blockquote blockquote blockquote{border-color:#540000} --></style></head><body><div style="font-family: Arial; font-size: medium;" dir="ltr"><div>
Excuse my interruption here,</div>
<div>
but where is xmlsec1 searching to find the key in reference to the <KeyName/>? Where should the key/cert be placed so that xmlsec1 can find it (f.ex. among other keys)? Any specific directory? Remenber that xmlsec1 is /usr/local/bin/xmlsec1 with me, and I wonder where the program will search. In my particular case we are dealing with --crypto openssl</div>
<div>
--</div>
<div>
Si St</div>
<div>
<a href="mailto:sigbj-st@operamail.com">sigbj-st@operamail.com</a></div>
<div>
</div>
<div class="defangedMessage">
<div id="me55751">
<div>
On Wednesday, October 19, 2011 9:33 PM, "EdShallow" <ed.shallow@gmail.com> wrote:</div>
<blockquote class="me55751QuoteMessage" type="cite">
OK, here is how it works with mscrypto and xmlsec 1.2.18<br />
<br />
<span style="font-size: 11pt; font-family: "Calibri","sans-serif";">Example 1:</span><br />
<span style="font-size: 11pt; font-family: "Calibri","sans-serif";"><KeyName></span><span style="font-size: 11pt; font-family: "Calibri","sans-serif";">CA, GC, PWGSC-TPSGC, "Ed Shallow"</span><span style="font-size: 11pt; font-family: "Calibri","sans-serif";"></KeyName></span><br />
<br />
<span style="font-size: 11pt; font-family: "Calibri","sans-serif";">Example 2 with a special character:</span><br />
<span style="font-size: 11pt; font-family: "Calibri","sans-serif";"><KeyName>CA, GC, PWGSC-TPSGC, "Shallow, Ed"</span><span style="font-size: 11pt; font-family: "Calibri","sans-serif";"></KeyName></span><br />
<br />
In other words, do not use the sub-type qualifiers in the DN string i.e. cn= ou= o= c=<br />
<br />
Order is also important.<br />
<br />
Cheers,<br />
Ed<br />
<br />
<div class="me55751gmail_quote">
On Wed, Oct 19, 2011 at 7:38 PM, EdShallow <span dir="ltr"><<a href="mailto:ed.shallow@gmail.com">ed.shallow@gmail.com</a>></span> wrote:<br />
<blockquote class="me55751gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<p>
OK. Give me a day or so and I will check the source to see if anything has changed in the CAPI calls.</p>
<div>
<div>
</div>
<div class="me55751h5">
<div class="me55751gmail_quote">
On Oct 19, 2011 7:29 PM, "Aleksey Sanin" <<a href="mailto:aleksey@aleksey.com" target="_blank">aleksey@aleksey.com</a>> wrote:<br defang_type="attribution" />
<blockquote class="me55751gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Not that I am aware of.<br />
<br />
Aleksey<br />
<br />
On 10/19/11 2:02 PM, EdShallow wrote:<br />
<blockquote class="me55751gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
. . . sorry forgot to mention, this behavior is with mscrypto<br />
Ed<br />
<br />
---------- Forwarded message ----------<br />
From: "EdShallow" <<a href="mailto:ed.shallow@gmail.com" target="_blank">ed.shallow@gmail.com</a> <mailto:<a href="mailto:ed.shallow@gmail.com" target="_blank">ed.shallow@gmail.com</a>>><br />
Date: Oct 19, 2011 3:55 PM<br />
Subject: Use of full DistinguishedName in KeyName<br />
To: "<a href="mailto:xmlsec@aleksey.com" target="_blank">xmlsec@aleksey.com</a> <mailto:<a href="mailto:xmlsec@aleksey.com" target="_blank">xmlsec@aleksey.com</a>>" <<a href="mailto:xmlsec@aleksey.com" target="_blank">xmlsec@aleksey.com</a><br />
<mailto:<a href="mailto:xmlsec@aleksey.com" target="_blank">xmlsec@aleksey.com</a>>><br />
<br />
Hi Aleksey,<br />
<br />
Use of full DN in KeyName template element used to work in oldwr<br />
versions of xmlsec.<br />
<br />
As of 1.2.18 I can only get CommonName to work.<br />
<br />
Example:<br />
This works<br />
<KeyName>Shallow Ed</KeyName><br />
<br />
This does not:<br />
<KeyName>cn=Shallow Ed,ou=finance,o=acme,c=ca</KeyName><br />
<br />
I receive an "Object or property cannot be found" message.<br />
<br />
Are there any constraints for naming?<br />
<br />
Ed<br />
<br />
<br />
<br />
_______________________________________________<br />
xmlsec mailing list<br />
<a href="mailto:xmlsec@aleksey.com" target="_blank">xmlsec@aleksey.com</a><br />
<a href="http://www.aleksey.com/mailman/listinfo/xmlsec" target="_blank">http://www.aleksey.com/mailman/listinfo/xmlsec</a></blockquote>
</blockquote>
</div>
</div>
</div>
</blockquote>
</div>
<br />
<br clear="all" />
<br />
--<br />
Ed's Contact Information:<br />
Mobile Phone: 613-852-6410<br />
Gmail: <a href="mailto:ed.shallow@gmail.com">ed.shallow@gmail.com</a><br />
VOIP Address: <a href="mailto:107529@sip.ca1.voip.ms">107529@sip.ca1.voip.ms</a><br />
VOIP DID#: 613-458-5004<br />
Skype ID: edward.shallow<br />
Home Phone: 613-482-2090<br />
<br />
<pre>
_______________________________________________
xmlsec mailing list
xmlsec@aleksey.com
http://www.aleksey.com/mailman/listinfo/xmlsec
</pre>
</blockquote>
</div>
</div>
<div>
</div>
</div><pre>
--
http://www.fastmail.fm - Email service worth paying for. Try it for free
</pre>
</body></html>