On Tue, Dec 16, 2008, Mike J wrote: > Thanks, this seems to work pretty good. > > I read that with a PKCS7 file, there was the option of having one or more > co-signers. > So I sign the file, send it to someone else, and they co-sign the file and > then send it to a third > party who is then able to verify it with the root CA. > > I can't seem to figure out howto get co-signing to work. > The openssl Documentation says there is a "smime -resign" function, but my > version doesn't seem > to include it ( 0.9.8g is the signer version and 0.9.7f is the verifying > version) > > Is co-signing available in openssl? >
It is but only in smime+OpenSSL 0.9.9-dev which is not released. You can however use the cms utility in 0.9.8 to add a signer. OpenSSL 0.9.7 does not include cms support but the output is normally compatible with PKCS#7 unless you use an incompatible option. See the documentation for more details. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
