[xmlsec] Verifying a signature against a PEM certificate

Asbjørn Oskal asbjorn.oskal@welldiagnostics.com
Fri, 22 Nov 2002 10:32:49 +0100


> >
> >
> >Can I load the public key from a PEM cert with the
> >xmlSecSimpleKeysMngrLoadPemCert method?
> >Will it then be treated as a key or is it only CA certs that should be
> >loaded this way.
> >
>
> Please, read the code or documentation:
>
>
http://www.aleksey.com/xmlsec/api/xmlsec-keysmngr.html#XMLSECSIMPLEKEYSMNGRL
OADPEMCERT
>

Hi!

Thanks for the fast answer.

I have read the documentation of xmlSecSimpleKeysMngrLoadPemCert but it does
not make clear how the certificate loaded can be used in the verification
process.
Should this be done together with setting the flag
xmlSecKeyOriginKeyManager?
I tried that but I could not get it to work. Should it?

Or should I use the flag xmlSecKeyOriginKeyName? But what is then the key of
the certificate I load with xmlSecSimpleKeysMngrLoadPemCert? If I sign with
dsig:KeyName set to something it will have have to match the keyname of the
certificate loaded into the keys manager. But as far as I can see there is
no way of specifying keyname when loading a certificate with
xmlSecSimpleKeysMngrLoadPemCert.

:)