Hi Timothy, On Thu, Mar 04, 2021 at 11:40:51PM -0400, Timothy Legge <timlegge at gmail.com> wrote: > <dsig:KeyInfo> > <dsig:KeyValue> Is there any reason why you specify KeyValue directly? If you wrap your key into an x509 cert and use <X509Data>, that should work, see e.g. tests/aleksey-xmldsig-01/enveloping-sha256-ecdsa-sha256.xml. Regards, Miklos