[xmlsec] Keys Manager Creation Failed
Aleksey Sanin
aleksey at aleksey.com
Tue Mar 4 10:40:13 PST 2014
Yes, you might need to re-compile xmlsec. xmlsec-openssl is the default
crypto engine thus ./configure probably just didn't find openssl for
whatever reason. Run ./configure and look at the output and logs to
figure out what is happening.
Aleksey
On 3/4/14, 10:09 AM, Derek Nutile wrote:
> Thank you for your response Aleksey.
>
> How do I use OpenSSL instead of GCrypt? Do I recompile the xmlsec
> source? I looked at the ./configure --help output and it's not clear to
> me how to. Should I add ' --with-openssl=path'? Should I also use '
> --without-gcrypt'?
>
>
> On Tue, Mar 4, 2014 at 6:09 AM, Aleksey Sanin <aleksey at aleksey.com
> <mailto:aleksey at aleksey.com>> wrote:
>
> Sounds like you are using GCrypt and it doesn't support PEM key format.
> Try to use OpenSSL instead.
>
> Aleksey
>
> On 3/1/14, 1:43 PM, Derek Nutile wrote:
> > Hello Aleksey,
> >
> > Hopefully you can help me. I'm implementing Django SAML
> > (https://bitbucket.org/lgs/djangosaml2) in a project which relies on
> > your XMLSec library. The application works flawlessly on my local
> > development environment (Mac), but returns errors on my staging
> server,
> > an Amazon EC2 instance. I'm struggling to isolate the issue. The
> > exception that is generated in my SAML application is as follows:
> >
> > Exception:
> >
> func=xmlSecGCryptAppKeyLoadMemory:file=app.c:line=248:obj=unknown:subj=unknown:error=17:invalid
> > format:format=7
> >
> func=xmlSecGCryptAppKeyLoad:file=app.c:line=176:obj=unknown:subj=xmlSecGCryptAppKeyLoadMemory:error=1:xmlsec
> > library function failed:filename=/tmp/tmpZIPa5a.pem
> >
> func=xmlSecAppCryptoSimpleKeysMngrKeyAndCertsLoad:file=crypto.c:line=118:obj=unknown:subj=xmlSecCryptoAppKeyLoad:error=1:xmlsec
> > library function failed:uri=/tmp/tmpZIPa5a.pem
> > Error: failed to load public key from "/tmp/tmpZIPa5a.pem".
> > Error: keys manager creation failed
> >
> > I've installed XMLSec on the Amazon EC2 instance. To do so, I had to
> > install from source. The first note is that I receive failures when
> > running a "make check" as I reported here:
> > https://bugzilla.gnome.org/show_bug.cgi?id=725279. That bug post
> has an
> > attachment of the output, but the two main failures are:
> >
> > transform "rsa-1_5" and "rsa-oaep-mgf1p" not found
> >
> > My question is this: does this sound like a library issue (missing
> > library or version mismatch)?
> >
> > You ask that I supply following for a question or bug report:
> > XMLSec version number (or the snapshot date):
> > xmlsec version: xmlsec1 1.2.19 (gcrypt)
> >
> > The platform/compiler you are using:
> > Amazon Linux AMI release 2013.09
> > Kernel: 3.4.76-65.111.amzn1.x86_64
> > gcc (GCC) 4.6.3 20120306 (Red Hat 4.6.3-2)
> >
> > The exact xmlsec utility command line:
> > /usr/local/bin/xmlsec1
> >
> > All the files mentioned in this command line:
> > ** I'm not sure how to list these?
> >
> > The xmlsec utility output:
> > ** I don't know how to run the xmlsec utility
> >
> > Additional library information from the Amazon EC2 instance that
> may be
> > important:
> > libxml2.x86_64 version: 2.9.1-1.1.28.amzn1
> > libxml2-devel.x86_64 version: 2.9.1-1.1.28.amzn1
> > libxslt.x86_64 version: 1.1.26-2.7.amzn1
> > libxslt-devel.x86_64 version: 1.1.26-2.7.amzn1
> > OpenSSL version: 1.0.1e-fips
> >
> > Thank you for your time and attention,
> > Derek Nutile
> >
> >
> > _______________________________________________
> > xmlsec mailing list
> > xmlsec at aleksey.com <mailto:xmlsec at aleksey.com>
> > http://www.aleksey.com/mailman/listinfo/xmlsec
> >
>
>
More information about the xmlsec
mailing list