The errors mean that xmlsec can not find the key. Usually, signature keys are either provided by application directly (e.g. specified in xmlsec utility command line) or retrieved from keys manager by name provided in the signature template. I believe sign1-tmpl.xml was using the second option. Aleksey