Hi, Thank you for your answer.
On Mon, Jan 7, 2013 at 3:11 PM, Dr. Stephen Henson <[email protected]>wrote: It's actually a bug in OpenSSL 0.9.8. The x- version was retained for > compatibility with some older software and the option -nooldmime to the > smime > utility uses the standard version with the x-. However due to a bug in > 0.9.8 > the opposite happens. > > So if you specify -nooldmime in 1.0 and later you'll get the version > without > the x-. > That's right: this is my file: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Hi, This is an encrypted message I sign it: ./openssl smime -nooldmime -sign -in message.txt.withCType -out message.txt.withCType.signed -signer cert.pem -inkey key.pem cat message.txt.withCType.signed | grep Content-Type Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg="sha1"; boundary="----1825A98EE3E117A732FA5E5B0D4CBCFB" Content-Type: text/plain; charset=us-ascii Content-Type: application/pkcs7-signature; name="smime.p7s" However, I have the same errors (I'm using CAfile). With 1.0.1c is not working, while 0.9.8 it is: ./openssl smime -verify -CAfile cert.pem -in message.txt.withCType.signed Verification failure 2897402476:error:21075075:PKCS7 routines:PKCS7_verify:certificate verify error:pk7_smime.c:342:Verify error:unable to get local issuer certificate openssl smime -verify -CAfile cert.pem -in message.txt.withCType.signed Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Hi, This is an encrypted message Verification successful -- Massimiliano Masi http://www.mascanc.net/~max
