<html> <head> <base href="https://bugs.documentfoundation.org/"> </head> <body> <div> <a class="bz_bug_link bz_status_NEEDINFO " title="NEEDINFO - Digital Signatures are not working with 64-Bit LibreOffice 5.0.2.2 and 32-Bit LibreOffice 5.2.x in Windows" href="https://bugs.documentfoundation.org/show_bug.cgi?id=94903#c20">Comment # 20</a> on <a class="bz_bug_link bz_status_NEEDINFO " title="NEEDINFO - Digital Signatures are not working with 64-Bit LibreOffice 5.0.2.2 and 32-Bit LibreOffice 5.2.x in Windows" href="https://bugs.documentfoundation.org/show_bug.cgi?id=94903">bug 94903</a> from <a class="email" href="mailto:stavros.daliakopoulos@gmail.com" title="stavrosss <stavros.daliakopoulos@gmail.com>"> stavrosss</a> <pre>There is some nastiness going on here and I really hate it. "JL: OpenOffice.org implements its own certificate verification routine. -+ The goal is to separate validation of the signature -+ and the certificate. For example, OOo could show that the document signature is valid, -+ but the certificate could not be verified. If we do not prevent the verification of -+ the certificate by libxmlsec and the verification fails, then the XML signature will not be -+ verified. This would happen, for example, if the root certificate is not installed. " I don't really get it so I installed Apache openoffice 4.1.7 as well. I sign a document with Libreoffice 5.4.3.2 that still works for me. First test, I sign with Loffice and then I open the file from apacheOO. Apache says the certificate is ok, but the signature is invalid. Libreoffice says it is ok and the type of signature is XAdES Second test I sign with Apache and then I open with LIbre Libreoffice says everything ok and the type of sign is XML-DSig Certificate is valid and signature is valid</pre> </div> <hr> You are receiving this mail because: <ul> <li>You are the assignee for the bug.</li> </ul> </body> </html>