After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 123668 - xmlsec-mscrypto: default keys manager don't use trusted certs in MS Crypto Store
xmlsec-mscrypto: default keys manager don't use trusted certs in MS Crypto S...
Status: RESOLVED FIXED
Product: xmlsec
Classification: Other
Component: general
1.2.1
Other Linux
: Normal normal
: ---
Assigned To: Aleksey Sanin
Aleksey Sanin
Depends on:
Blocks:
 
 
Reported: 2003-10-02 01:26 UTC by Aleksey Sanin
Modified: 2016-01-28 18:37 UTC
See Also:
GNOME target: ---
GNOME version: ---



Description Aleksey Sanin 2003-10-02 01:26:15 UTC
Currently the only "trusted" certs are ones loaded to xmlsec directly (for
example, using xmlsec command line utility "--trusted" option). This means
that code does not accept trusted certs in MS Crypto store as such. There
are some functions that allow to check against trusted certs in MS Crypto
store. But MSDN says that these functions are not available in Windows
95/98/Me and partially not available in NT 4.0 and Windows 2000. Anyone
interested in more details feel free to search for "Certificate Chain
Verification Functions" article in MSDN. For me, it sounds  like it would
be possible to use these new functions but I think it would be good to have
a runtime version check:
                - if it's old Windows then use current code;
                - if it's new Windows with new functions then use some new
code.
Comment 1 Aleksey Sanin 2016-01-28 18:37:23 UTC
Migrated to: https://github.com/lsh123/xmlsec/issues/7