As per the discussion of http://marc.theaimsgroup.com/?l=openssl-users&m=112176306618249&w=2 , it does not appear that openssl can be used to derypt a smime message if the certificate is lost even if the public and private key are still in the decrypter's possesion.
RFE: It would be great if openssl could a) simply try the (most likely only one) private key in keysAndCerts.pem if it doesn't find the matching certificate anyway b) only do that if also the "nocerts" parameter is given openssl smime -decrypt -in encrypted.eml -recip keysAndCerts.pem -nocerts ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [EMAIL PROTECTED]
