Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Problem with S/MIME
74 views
Skip to first unread message
massimil...@gmail.com
Dec 17, 2012, 11:41:28 AM12/17/12
to
Hello All,
I am trying to do some interoperability tests with S/MIME and java bouncy castle. I have issues
with S/MIME signature verification.
max@spirit6 ~/Downloads/openssl-1.0.1c/apps $ ./openssl
OpenSSL> version
OpenSSL 1.0.1c 10 May 2012
OpenSSL> max@spirit6 ~/Downloads/openssl-1.0.1c/apps $ cat >> message.txt
Hi, this is a text message
max@spirit6 ~/Downloads/openssl-1.0.1c/apps $ ./openssl smime -sign -signer cert.pem -inkey key.pem -in message.txt -out message.txt.signed
max@spirit6 ~/Downloads/openssl-1.0.1c/apps $ ./openssl smime -verify -text -in message.txt.signed
Verification failure
2897402476:error:21075075:PKCS7 routines:PKCS7_verify:certificate verify error:pk7_smime.c:342:Verify error:unable to get local issuer certificate
max@spirit6 ~/Downloads/openssl-1.0.1c/apps $ ./openssl smime -verify -text -in message.txt.signed -CAfile cert.pem
Verification failure
2897402476:error:21075075:PKCS7 routines:PKCS7_verify:certificate verify error:pk7_smime.c:342:Verify error:unable to get local issuer certificate
max@spirit6 ~/Downloads/openssl-1.0.1c/apps $
This happens with version 1.0.1c.
Is it a FAQ? If yes, sorry for that!
Thank you,
Massi
massimil...@gmail.com
Dec 17, 2012, 12:00:16 PM12/17/12
to
Hi,
Sorry, wrong error. The actual error is:
max@spirit6 ~/Downloads/openssl-1.0.1c/apps $ ./openssl smime -verify -in message.txt.signed -text -CAfile cacert.pem
Verification failure
2897402476:error:0D0D50CE:asn1 encoding routines:SMIME_text:mime no content type:asn_mime.c:586:
2897402476:error:21075081:PKCS7 routines:PKCS7_verify:smime text error:pk7_smime.c:395:
Dave Thompson
Dec 17, 2012, 6:06:46 PM12/17/12
to
>From: owner-ope...@openssl.org On Behalf Of
massimil...@gmail.com
>Sent: Monday, 17 December, 2012 12:00
>Sorry, wrong error. The actual error is:
><snip> ./openssl smime -verify -in message.txt.signed -text -CAfile
Note that unlike many other commandline utilities where -text
means to prettyprint something, smime -text means to add or
remove MIME headers for this type. See the man page.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openss...@openssl.org
Automated List Manager majo...@openssl.org
massimil...@gmail.com
>Sent: Monday, 17 December, 2012 12:00
>Sorry, wrong error. The actual error is:
cacert.pem
>Verification failure
>2897402476:error:0D0D50CE:asn1 encoding routines:SMIME_text:
>mime no content type:asn_mime.c:586:
>2897402476:error:21075081:PKCS7 routines:PKCS7_verify:
>smime text error:pk7_smime.c:395:
Does the signed-content have MIME headers with text/plain?
>Verification failure
>2897402476:error:0D0D50CE:asn1 encoding routines:SMIME_text:
>mime no content type:asn_mime.c:586:
>2897402476:error:21075081:PKCS7 routines:PKCS7_verify:
>smime text error:pk7_smime.c:395:
Note that unlike many other commandline utilities where -text
means to prettyprint something, smime -text means to add or
remove MIME headers for this type. See the man page.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openss...@openssl.org
Automated List Manager majo...@openssl.org
0 new messages