Hi Steve, Thanks for your reply, your suggestion worked fine. I did some experimenting and found that, when using SMIME and PEM formatted messages, I could combine the '-compress' and '-binary' options, but when using DER formatted messages this combination resulted in 'corrupt' messages after verification *). The solution was to combine '-binary' with the '-sign' option instead. Is this conclusion correct or am I missing something (again :-)?
Regards, Willem. *) Also, leaving out the '-binary' option in both te compression en signing steps had the same result. On Fri, Jul 3, 2009 at 12:19 PM, Dr. Stephen Henson<[email protected]> wrote: > On Fri, Jul 03, 2009, Willem Bos wrote: > >> Anybody? >> >> On Tue, Jun 30, 2009 at 11:15 AM, Willem Bos<[email protected]> wrote: >> > Hi all, >> > >> > I'm trying to compress + sign + encrypt files using the following command >> > line : >> > >> > openssl cms -compress -sign -in datafile.txt -nodetach -signer >> > signer.crt -inkey private.key -outform DER |\ >> > openssl cms -encrypt -binary -des3 -outform DER -out >> > datafile.txt.encrypted addressee.crt >> > >> > When I leave the `-compress` option out openssl asks me for the >> > private key passphrase. With the `-compress` option added no >> > passphrase is asked. >> > >> > I tried openssl versions 0.9.8.k, 1.0.0beta1 and 1.0.0beta1 all with >> > the same result. >> > >> > What am I missing? >> > > > There is no option to combine operations with the cms command at present. You > have to compress and sign separately but you can pipe from one to another. > > Steve. > -- > Dr Stephen N. Henson. OpenSSL project core developer. > Commercial tech support now available see: http://www.openssl.org > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List [email protected] > Automated List Manager [email protected] > > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [email protected] Automated List Manager [email protected]
