xmlfilecommand-linedigital-signaturexmlsec

Trying to sign XML with XmlSec in command line, keep getting "missing file errors"?


No matter which order of commands I use, I keep getting similar error messages:

With

xmlsec --sign --output signedfile.xml --pkcs FISKAL.p12 --pwd Password --trusted-pem root_ca.pem --id-attr:Id file.xml

I get

Error: ⟨file⟩ parameter is required for this command

If I try

xmlsec --sign --id-attr:Id --pkcs FISKAL.p12 --pwd Password --trusted-pem root_ca.pem --output signedfile.xml file.xml

I get

Error: filename is expected instead of parameter "--pwd".
Error: invalid parameters

And in the case of

xmlsec --sign --output signedfile.xml --id-attr:Id --trusted-pem root_ca.pem --pkcs FISKAL.p12 --pwd Password file.xml

it's similar:

Error: filename is expected instead of parameter "--pkcs12".
Error: invalid parameters

Below each error message is the line: Usage: xmlsec ⟨command⟩ [⟨options⟩] [⟨files⟩]

Why does xmlsec keep thinking I'm missing a file? What am I doing wrong?


Solution

  • Your --id-attr:Id parameter is incomplete. Either remove it or you need to specify it like this:

       --id-attr[:<attr-name>] [<node-namespace-uri>:]<node-name>
    
              adds attributes <attr-name> (default value "id") from all  nodes
              with<node-name>  and  namespace <node-namespace-uri> to the list
              of known ID attributes; this is a hack and if you can use DTD or
              schema  to  declare  ID  attributes  instead  (see  "--dtd-file"
              option), I don't know what else might be broken in your applica‐
              tion when you use this hack
    

    There's node-name you need to specify because it's not optional. You do specify attr-name but it is optional. This might not be what you wanted.