I am using OpenSSL version 1.0.1f and got problems while signing and verifying a file using these commands: $ openssl cms -sign -inkey Mozart.pem -signer Mozart.crt -binary -in "$DOCUMENT" -out "$DOCUMENT.p7m" $ openssl cms -verify -CAfile CAcert.pem -binary -in "$DOCUMENT.p7m" -out "$DOCUMENT.out" $ cmp "$DOCUMENT" "$DOCUMENT.out" If I omit the -binary option from both calls to openssl cms then the verified document differs from the original document because of translations LF to CR/LF. If I include the -binary option the first call to openssl works fine but the second call throws errors: Verification failure 3073672892:error:2E09A09E:CMS routines:CMS_SignerInfo_verify_content:verification failure:cms_sd.c:887: 3073672892:error:2E09D06D:CMS routines:CMS_verify:content verify error:cms_smime.c:425: How do I use openssl cms -sign/verify correctly? -- View this message in context: http://openssl.6102.n7.nabble.com/cms-sign-verify-tp58943.html Sent from the OpenSSL - User mailing list archive at Nabble.com.
