[xmlsec] Verifying a signature against a PEM certificate

Aleksey Sanin aleksey at aleksey.com
Fri Nov 22 00:31:59 PST 2002


>
>
>Can I load the public key from a PEM cert with the
>xmlSecSimpleKeysMngrLoadPemCert method?
>Will it then be treated as a key or is it only CA certs that should be
>loaded this way.
>

Please, read the code or documentation:

http://www.aleksey.com/xmlsec/api/xmlsec-keysmngr.html#XMLSECSIMPLEKEYSMNGRLOADPEMCERT

>If not I will still have the problem with loading X509 PEM-certificates
>starting with
>"-----BEGIN CERTIFICATE-----".
>  
>
Sorry, but it is OpenSSL limitation.

>Or should I use xmlSecKeyReadPemCert together with
>xmlSecSimpleKeysMngrAddKey?
>  
>
You also may use  xmlSecSimpleKeysMngrLoadPemKey() + xmlSecKeyReadPemCert()
(you should probably look at the readPemKey() function in apps/xmlsec.c 
file).


Aleksey.




More information about the xmlsec mailing list