Hi
Thanks a lot for your patience. All I want is the one you mentioned here.
openssl smime -verify -noverify -nointern -nochain -in message.txt
-certfile myfile.pem
And I am saved..... and a VERY HAPPY NEW YEAR
regards
mahesh
-----Original Message-----
From: Dr S N Henson [mailto:[EMAIL PROTECTED]]
Sent: Friday, December 29, 2000 4:46 PM
To: [EMAIL PROTECTED]
Subject: Re: openssl smime verify
Mahesh Anantharaman wrote:
>
> Hi
>
> I am sorry for the question. Here is what I want.
> I am having the senders certificate saved locally downloaded from
verisign.
> I want to verify the
> email received against the sender certificate not with the root ca.
> Is it possible.
The email is always checked against the senders certificate: it is
extracted from the signed email automatically so there is no need to
donwload it manually. The senders certificate chain is verified against
the root CA.
> This is a very strong requirement.
>
Perhaps it would help if you explained what you are trying to do. Are
trying to set up things so only email signed with one certificate (as
opposed to anything chained to the trusted root CAs) is actually
verified? If so you can use something like:
openssl smime -verify -noverify -nointern -nochain -in message.txt
-certfile myfile.pem
Then only messages signed by certificates in the file 'myfile.pem' will
be verified.
Steve.
--
Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED]
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
