Altova XMLSpy 2024 Enterprise Edition

Verify XML Signature

Home Prev Top Next

An XML signature will be correctly verified if the XML file has not been changed since having been signed. Otherwise the verification will fail. The Verify XML Signature command executes the verification process and displays the results of the verification in the Messages windows. The various verification scenarios in XMLSpy are described below:

 

XML file contains certificate-based signature, key information included in signature

XML file contains certificate-based signature, key information not contained in signature

Certificate-based signature in external file, key information contained in signature

Certificate-based signature in external file, key information not contained in signature

XML file contains password-based signature

Password-based signature in external file

 

XML file contains certificate-based signature, key information included in signature

To verify the XML signature in this scenario, make the XML file active in XMLSpy. On clicking the XML | Verify XML Signature command, the verification process will be executed and the result will be displayed in the Messages window (verification succeeded or failed).

 

XML file contains certificate-based signature, key information not contained in signature

If no key information is contained in the certificate-based signature, XMLSpy will prompt you for the certificate from which public-key information for the verification can be read. Verification is done with the XML file active in XMLSpy. On clicking the XML | Verify XML Signature command, you will be prompted to select the certificate store in which the certificate is stored (screenshot below).

SigsSelectCertStore

On selecting a certificate store and clicking OK, a dialog displaying the certificates in that store pops up (screenshot below). Select the certificate required for the verification and click OK.

SigsSelectCert

The signature is verified and the result is displayed in the Messages window.

 

Certificate-based signature in external file, key information contained in signature

If a certificate-based XML signature is in an external file, the signature is verified with the signature file active in XMLSpy. On clicking the XML | Verify XML Signature command, the verification process will be executed and the result will be displayed in the Messages window (verification succeeded or failed).

 

Certificate-based signature in external file, key information not contained in signature

If a certificate-based XML signature is in an external file, the signature is verified with the signature file active in XMLSpy. On clicking the XML | Verify XML Signature command, XMLSpy will prompt you for the certificate from which public-key information for the verification can be read. Select the certificate as described in the section: XML file contains certificate-based signature, key information not contained in signature. The verification process will be executed and the result will be displayed in the Messages window (verification succeeded or failed).

 

XML file contains password-based signature

If the XML file contains a password-based XML signature, the signature is verified with the XML file active in XMLSpy. On clicking the XML | Verify XML Signature command, a dialog pops up prompting you for the password (screenshot below).

SigPassword

Enter the password, which must be five to sixteen characters long, and then click OK. The verification process will be executed and the result will be displayed in the Messages window (verification succeeded or failed).

 

Password-based signature in external file

If a password-based XML signature is in an external file, the signature is verified with the signature file active in XMLSpy. On clicking the XML | Verify XML Signature command, a dialog pops up prompting you for the password (screenshot below).

SigPassword

Enter the password, which must be five to sixteen characters long, and then click OK. The verification process will be executed and the result will be displayed in the Messages window (verification succeeded or failed).

 

© 2017-2023 Altova GmbH