Data verification with openssl smime fails

I am using openssl smime to sign and verify data.

To sign text file using openssl I sue the following command:

openssl smime -sign -in sample.txt -out mail.msg -signer cert.pem -inkey key.pem

Then I proceed to verification:

openssl smime -verify -in mail.msg -CAfile allCA.pem

The verification succeed.

My problem is that I have an external tool that performs the verification using the following command:

openssl smime -verify -in mail.msg -inform DER -CAfile allCA.pem

How to sign my txt file so it can be verified with the previous command ?

What I've tried so far:

openssl smime -sign -in sample.txt -out mail.msg -outform DER -signer cert.pem -inkey key.pem

But I get an error when trying to verify my mail:

Verification failure
140204331579208:error:2107507A:PKCS7 routines:PKCS7_verify:no content:pk7_smime.c:291:

---

The way you call sign operation creates detached signature so you would need to pass -content sample.txt to verify command. However, it is possible to create structure that encapsulates message together with signature ( -nodetach parameter).

This is the sign command you are looking for:

openssl smime -sign -in data.dat -out mail.msg -signer cert.pem -inkey key.pem -outform DER -nodetach

链接地址: http://www.djcxy.com/p/63492.html

上一篇: 没有证书与私钥匹配

下一篇: 使用openssl smime进行数据验证失败