Victor, many thanks, I have got a bit further ! > > I am sure I am nearly there, can anyone help me please ? > > It asks for local (i.e. trusted) certificate of security authority, > who've issued (i.e. signed) signer's certificate. > > Either provide path to the place where your trusted certificates are > stored using -CAfile or -CAdir argument, or specify -noverify to prevent > it from verifying certificate chain.
I am now using this command: $ openssl smime -verify -inform PEM -in signature.pk7 -CAfile development_cm.pem -content content.txt And I get this output: content Verification failure 2788:error:21071065:PKCS7 routines:PKCS7_signatureVerify:digest failure:pk7_doit.c:804: 2788:error:21075069:PKCS7 routines:PKCS7_verify:signature failure:pk7_smime.c:265: It looks like it is all working, just that it is failing verification. But the content is so simple, that i can't believe that is the problem ! Is the problem CR/LF ? I am signing using FireFox on Windows to sign but using OpenSSL on Linux to verify. Any ideas ? Chris... ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
