On Sat, Feb 02, 2008, Sebastian Patschorke wrote:
> I don't know how to use openssl, that it verifies me a signature for a pdf
> document. This is what I tried:
> openssl smime -verify -in RGF131361240.pdf -signer 799562928.crt -out
> RGF131361240.pdf is the original document, RGF131361240.pdf.pkcs7 the
> signature and 799562928.crt contains the certificate.
> I got only this:
> Error reading S/MIME message
> 28968:error:2107A087:PKCS7 routines:SMIME_read_PKCS7:no content
> Can someone please help me?
If the *.pkcs7 file is in binary format this would be a starting point:
openssl smime -verify -in foo.pkcs7 -content foo.pdf -inform DER -binary
that will probably complain about being unable to find the issuer certificate.
For testing purposes you can include the -noverify option which will tell you
it has otherwise checked the signature.
If that works you need to trust the appropriate root CA(s) and pass them to it
using the -CAfile or -CApath options.
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
OpenSSL Project http://www.openssl.org
User Support Mailing List firstname.lastname@example.org
Automated List Manager [EMAIL PROTECTED]