Hi, I am trying to use openssl to sign documents and store detached signatures in PKCS7 format. First, I sign the document : openssl smime -sign -in document.txt -out document.txt.sign -signer certs/jcr.crt -certfile certs/ca.crt -inkey private/jcr.key
When I check the signature, it is OK : openssl smime -verify -CAfile certs/ca.crt -in document.txt.sign >/dev/null Verification successful Then I create a PKCS7 structure : openssl smime -pk7out -in document.txt.sign -out document.txt.pkcs7 But the verification fails : openssl smime -verify -CAfile certs/ca.crt -inform PEM -content document.txt -in document.txt.pkcs7 >/dev/null Verification failure 30871:error:21071065:PKCS7 routines:PKCS7_signatureVerify:digest failure:pk7_doit.c:928: 30871:error:21075069:PKCS7 routines:PKCS7_verify:signature failure:pk7_smime.c:299: Somebody has an idea of what is wrong ? Thanks, Jean-Claude ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]