[xmlsec] Signature Verification Problem Using X509 Certificates
Roumen Petrov
xmlsec at roumenpetrov.info
Thu Feb 21 12:18:10 PST 2008
Paul Keeler wrote:
> Still no success I'm afraid. I'm starting to think that the only option I'm
> left with is to (within my application) manually parse the signed document
> and add all of the certificates to the untrusted store.
>
> [SNIP]
The valid path must begin with certificates issued by a trust anchor.
So if whole certificate chain is in untrusted store certificate cannot
be validated.
Roumen
More information about the xmlsec
mailing list