xmlsectool is a Java command line tool that can download, check well-formedness, schema validity, and signature of an XML document. It can also create enveloped signatures of an XML document.
| Warning |
|---|
| title | V1V2.20.0 End of Life Warning |
|---|
|
As As of December 31, 2020, all security maintenance for XMLSecTool V1V2.20.0 has ceased. V3.0.0 is the supported release. |
...
| Warning |
|---|
If you use --keystoreProvider to load a provider dynamically, you must not also load that provider statically through the java.security configuration file as this will cause two copies of the provider to be loaded. This will result in hard to debug errors, such as "Private keys must be instance of RSAPrivate(Crt)Key or have PKCS#8 encoding" or "No installed provider supports this key". |
Here is an example command line fragment:
...
| Warning |
|---|
If you modify the java.security file to statically load a provider, you must not also use the –keystoreProvider option to load it dynamically as this will cause two copies of the provider to be loaded. This will result in hard to debug errors, such as "Private keys must be instance of RSAPrivate(Crt)Key or have PKCS#8 encoding" or "No installed provider supports this key". |
Using --keystore instead of --pkcs11Config
...