Hi all,
Now that I have my full error message, the problem I have is that the
verification is failing because the certificate has expired:
error:21075075:PKCS7 routines:PKCS7_verify:certificate verify error:
Verify error:certificate has expired
The error message is correct - the certificate has expired - but - the
certificate was valid when the message was originally signed.
Is there a specific way I should format the effective date of the
PKCS7 smime message, so that PKCS7_verify() will say "on the date this
message was signed, the attached certs were valid" (and if so, how),
or must I parse the date of the message manually, and then feed it
into X509_VERIFY_PARAM_set_time() on the certificate store parameters?
I just need to check I am doing the right thing.
Regards,
Graham
--
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
