[xmlsec] Verification fail using <x509data> element info

Aleksey Sanin aleksey at aleksey.com
Sat Feb 22 07:50:34 PST 2003


> What is wrong?

> -Certificate : Self Signed
>
You certificate is *not* self signed:
[aleksey at lsh]$ openssl x509 -in a.crt -noout -text
...
Issuer: C=KR, ST=ChoongNam, L=YooSung, O=ETRI, OU=DRM Developer Team,
CN=ETRI Sohwang/1.1.840.113549.1.9.1=sowhang at etri.re.net
...
Subject: C=KR, ST=Seoul, L=GoonJa, O=Sejong Univ
....


In order to verify signature, you need to provide a *trusted* certificate
(for example, using "--trusted" option for xmlsec utility) with a subject
equal to issuer of the certificate used for signature.


Aleksey






More information about the xmlsec mailing list