OK, I have sorted this out ! Thanks for those who have taken the time
to look at my problem. The issue in the end was that vi was putting a
"\n" at the end of my content file.
[EMAIL PROTECTED] sbs]$ cat test_content.txt
sign test
[EMAIL PROTECTED] sbs]$ hexdump -c test_content.txt
000 s i
Hello there, thanks for taking the time to help !
> Have you tried the -binary option too?
Yes I have tried using binary... to no avail !
I have now gone back to basics and writen a short web page that just
asks for a signature and then writes the signature (with -BEGIN
PKCS7- header and
Victor,
> > $ openssl smime -verify -inform PEM -in signature.pk7 -CAfile
> > development_cm.pem -content content.txt
> Yes, CR/LF can be a problem. Many MTA feel free to convert eol from
> CR/LF to LF and vice versa.
Yeah, but I am not using an MTA, I am signing the data in FireFox
browser and
Victor, many thanks, I have got a bit further !
> > I am sure I am nearly there, can anyone help me please ?
>
> It asks for local (i.e. trusted) certificate of security authority,
> who've issued (i.e. signed) signer's certificate.
>
> Either provide path to the place where your trusted certifi
Hello there,
I have a signature signed using FireFox browser and want to verify the
signature using OpenSSL.
The signature seems to be in PEM format (i.e. base 64 encoded).
I can see the certificates that were used in the signature using:
openssl pkcs7 -print_certs -noout -in signature.pk7
But
As I understand it, the client signs data sent from the server in
order to authenticate itself. Therefore yes it does need its private
key.
On Tue, 18 Jan 2005 11:17:01 +, Shaun Lipscombe
<[EMAIL PROTECTED]> wrote:
>
> If the client sends the server its certificate (public key) and the
> ser
Manfred,
> since the public key of trust_new.pem is the same as that of trust.pem
> it should make no difference when it comes to decrypting the hash of
> a-sign.pem ... but I might be totally wrong of course as well...?
this is the issue... the public key and private key of trust.pem are
not the
Hello there,
> I have a server certificate signed by a local CA company and the root
> certificate that signed it expires very soon. The CA company gave us a
> new root certificate but with the new root certificate OpenSSL is no
> longer able to successfully verify the server certificate.
>
> Th
You need to join the OpenCA Users mailing list for answers to problems
with OpenCA.
On Thu, 11 Nov 2004 13:03:56 +0100, Angel Martinez Gonzalez
<[EMAIL PROTECTED]> wrote:
>
> Hello:
>
> I´m trying to initializate OpenCA. In Request Setup of Phase 1, I enter this
> DN:
>
> C=ES, ST=Valla
