#34261 [Fbk-Opn]: openssl_pkcs7_verify returns FALSE for msg that is correct
ID: 34261 User updated by: arnaud dot bertrand at apvsys dot org Reported By: arnaud dot bertrand at apvsys dot org -Status: Feedback +Status: Open Bug Type: OpenSSL related Operating System: * PHP Version: 5CVS-2005-08-28 New Comment: Hi, here is the full testcase: http://www.apvsys.org/testcase.tgz Download this file and extract it in / The 3 files will be extracted in /tmp tmp/thawte_freemail.cer tmp/msg.txt tmp/testcase.php just execute testcase.php at the current time: you will get: Digital Signature BAD! Now, change the system date to 9/9/2004 rexecute it... Now the message is valid and you should get: Digital Signature OK! array(11) { [name]= string(65) /CN=Thawte Freemail Member/[EMAIL PROTECTED] (...) Previous Comments: [2005-09-07 16:27:59] [EMAIL PROTECTED] Can you please provide a full reproducing case with all the required files included? [2005-08-28 10:35:05] arnaud dot bertrand at apvsys dot org Thank for your fast answer, I've just tried with the latest win32 version (begin of the phpinfo() follows). Result is unfortunately identical with the latest version. The bug is still in. phpinfo() PHP Version 5.1.0-dev System Windows NT EULER 5.1 build 2600 Build Date Aug 28 2005 08:23:12 Configure Command cscript /nologo configure.js --enable-snapshot-build --with-gd=shared Server API Apache 2.0 Handler Virtual Directory Support enabled Configuration File (php.ini) Path C:\php\php.ini PHP API 20041225 PHP Extension 20050617 Zend Extension 220050617 Debug Build no Thread Safety enabled Zend Memory Manager enabled IPv6 Support enabled Registered PHP Streams php, file, http, ftp, compress.zlib, https, ftps Registered Stream Socket Transports tcp, udp, ssl, sslv3, sslv2, tls Registered Stream Filters convert.iconv.*, string.rot13, string.toupper, string.tolower, string.strip_tags, convert.*, zlib.* [2005-08-26 16:34:56] [EMAIL PROTECTED] Please try using this CVS snapshot: http://snaps.php.net/php5-latest.tar.gz For Windows: http://snaps.php.net/win32/php5-win32-latest.zip [2005-08-25 22:17:51] arnaud dot bertrand at apvsys dot org Description: Context: A message msg.txt was signed the 01-01-2005 with a certificate expired the 03-03-2005. It is a valid signed message. If the system date is 02-02-2005,the openssl_pkcs7_verify function applied to this msg.txt returns TRUE. It means it is a valid message If you change the system date to 04-04-2005 (date after the expiration date of the certificate), the openssl_pkcs7_verify function applied to this msg.txt returns FALSE! Without any other information. But it is not correct because at the moment of the signature, it was correct. Reproduce code: --- $filename=/tmp/msg.txt; $lCertT=array(/tmp/certifdir,/tmp/certifdir/thawte_freemail.cer); $tmp_cert = tempnam (, crt); $res = openssl_pkcs7_verify($filename, 0, $tmp_cert, $lCertT); if (!$res) { echo(Digital Signature BAD!br\n); } else if ($res === -1) { echo(Error ...); } else { echo(Digital Signature OK!br\n); $cert_info = openssl_x509_parse(file://$tmp_cert); var_dump($cert_info); } Expected result: We expect to have result independent of the current date.. or at least, to have information that at the signature time, the message was correct but was signed with a certificate that is expired today. Another possibility could be: to foressen an extra parameter to the function to pass the date of the validation. If you check the same message with an e-mail client (e.g. thunderbird), it will say that the message was correctly signed with a valid certificate... whatever the current date is. Actual result: -- Validation result depends of the system date -- Edit this bug report at http://bugs.php.net/?id=34261edit=1
#34261 [Fbk-Opn]: openssl_pkcs7_verify returns FALSE for msg that *was* correct
ID: 34261 User updated by: arnaud dot bertrand at apvsys dot org Reported By: arnaud dot bertrand at apvsys dot org -Status: Feedback +Status: Open Bug Type: OpenSSL related Operating System: win32 Linux PHP Version: 5.0.4 New Comment: Thank for your fast answer, I've just tried with the latest win32 version (begin of the phpinfo() follows). Result is unfortunately identical with the latest version. The bug is still in. phpinfo() PHP Version 5.1.0-dev System Windows NT EULER 5.1 build 2600 Build Date Aug 28 2005 08:23:12 Configure Command cscript /nologo configure.js --enable-snapshot-build --with-gd=shared Server API Apache 2.0 Handler Virtual Directory Support enabled Configuration File (php.ini) Path C:\php\php.ini PHP API 20041225 PHP Extension 20050617 Zend Extension 220050617 Debug Build no Thread Safety enabled Zend Memory Manager enabled IPv6 Support enabled Registered PHP Streams php, file, http, ftp, compress.zlib, https, ftps Registered Stream Socket Transports tcp, udp, ssl, sslv3, sslv2, tls Registered Stream Filters convert.iconv.*, string.rot13, string.toupper, string.tolower, string.strip_tags, convert.*, zlib.* Previous Comments: [2005-08-26 16:34:56] [EMAIL PROTECTED] Please try using this CVS snapshot: http://snaps.php.net/php5-latest.tar.gz For Windows: http://snaps.php.net/win32/php5-win32-latest.zip [2005-08-25 22:17:51] arnaud dot bertrand at apvsys dot org Description: Context: A message msg.txt was signed the 01-01-2005 with a certificate expired the 03-03-2005. It is a valid signed message. If the system date is 02-02-2005,the openssl_pkcs7_verify function applied to this msg.txt returns TRUE. It means it is a valid message If you change the system date to 04-04-2005 (date after the expiration date of the certificate), the openssl_pkcs7_verify function applied to this msg.txt returns FALSE! Without any other information. But it is not correct because at the moment of the signature, it was correct. Reproduce code: --- $filename=/tmp/msg.txt; $lCertT=array(/tmp/certifdir,/tmp/certifdir/thawte_freemail.cer); $tmp_cert = tempnam (, crt); $res = openssl_pkcs7_verify($filename, 0, $tmp_cert, $lCertT); if (!$res) { echo(Digital Signature BAD!br\n); } else if ($res === -1) { echo(Error ...); } else { echo(Digital Signature OK!br\n); $cert_info = openssl_x509_parse(file://$tmp_cert); var_dump($cert_info); } Expected result: We expect to have result independent of the current date.. or at least, to have information that at the signature time, the message was correct but was signed with a certificate that is expired today. Another possibility could be: to foressen an extra parameter to the function to pass the date of the validation. If you check the same message with an e-mail client (e.g. thunderbird), it will say that the message was correctly signed with a valid certificate... whatever the current date is. Actual result: -- Validation result depends of the system date -- Edit this bug report at http://bugs.php.net/?id=34261edit=1
#34261 [NEW]: openssl_pkcs7_verify returns FALSE for msg that *was* correct
From: arnaud dot bertrand at apvsys dot org Operating system: win32 Linux PHP version: 5.0.4 PHP Bug Type: OpenSSL related Bug description: openssl_pkcs7_verify returns FALSE for msg that *was* correct Description: Context: A message msg.txt was signed the 01-01-2005 with a certificate expired the 03-03-2005. It is a valid signed message. If the system date is 02-02-2005,the openssl_pkcs7_verify function applied to this msg.txt returns TRUE. It means it is a valid message If you change the system date to 04-04-2005 (date after the expiration date of the certificate), the openssl_pkcs7_verify function applied to this msg.txt returns FALSE! Without any other information. But it is not correct because at the moment of the signature, it was correct. Reproduce code: --- $filename=/tmp/msg.txt; $lCertT=array(/tmp/certifdir,/tmp/certifdir/thawte_freemail.cer); $tmp_cert = tempnam (, crt); $res = openssl_pkcs7_verify($filename, 0, $tmp_cert, $lCertT); if (!$res) { echo(Digital Signature BAD!br\n); } else if ($res === -1) { echo(Error ...); } else { echo(Digital Signature OK!br\n); $cert_info = openssl_x509_parse(file://$tmp_cert); var_dump($cert_info); } Expected result: We expect to have result independent of the current date.. or at least, to have information that at the signature time, the message was correct but was signed with a certificate that is expired today. Another possibility could be: to foressen an extra parameter to the function to pass the date of the validation. If you check the same message with an e-mail client (e.g. thunderbird), it will say that the message was correctly signed with a valid certificate... whatever the current date is. Actual result: -- Validation result depends of the system date -- Edit bug report at http://bugs.php.net/?id=34261edit=1 -- Try a CVS snapshot (php4): http://bugs.php.net/fix.php?id=34261r=trysnapshot4 Try a CVS snapshot (php5.0): http://bugs.php.net/fix.php?id=34261r=trysnapshot50 Try a CVS snapshot (php5.1): http://bugs.php.net/fix.php?id=34261r=trysnapshot51 Fixed in CVS:http://bugs.php.net/fix.php?id=34261r=fixedcvs Fixed in release:http://bugs.php.net/fix.php?id=34261r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=34261r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=34261r=needscript Try newer version: http://bugs.php.net/fix.php?id=34261r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=34261r=support Expected behavior: http://bugs.php.net/fix.php?id=34261r=notwrong Not enough info: http://bugs.php.net/fix.php?id=34261r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=34261r=submittedtwice register_globals:http://bugs.php.net/fix.php?id=34261r=globals PHP 3 support discontinued: http://bugs.php.net/fix.php?id=34261r=php3 Daylight Savings:http://bugs.php.net/fix.php?id=34261r=dst IIS Stability: http://bugs.php.net/fix.php?id=34261r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=34261r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=34261r=float No Zend Extensions: http://bugs.php.net/fix.php?id=34261r=nozend MySQL Configuration Error: http://bugs.php.net/fix.php?id=34261r=mysqlcfg
#27585 [Bgs]: when openssl_pkcs7_verify fails once, it fails next time even if it should not
ID: 27585 User updated by: arnaud dot bertrand at apvsys dot org Reported By: arnaud dot bertrand at apvsys dot org Status: Bogus Bug Type: OpenSSL related Operating System: win32 Linux PHP Version: 4.3.4 New Comment: I tried it on Linux 2.4 with apache 2.0.48 php 5.0.0b4 It fails with openssl 0.9.6l but works good with 0.9.7b here's the script so you can try to reproduce it ==bug.php=== ?php function processMail($filename) { $ret = false; $tmp_cert = tempnam (, crt); $res = openssl_pkcs7_verify($filename, 0, $tmp_cert, array(., thawte_freemail.cer)); if ($res === false) echo(Digital Signature BAD!br\n); else if ($res === -1) echo(Error while verifying digital signature ($res)!br\n); else { echo(Digital Signature OK!br\n); $cert_info = openssl_x509_parse(file://$tmp_cert); print_r($cert_info['subject']); $ret = true; } unlink($tmp_cert); return $ret; } ? HTML HEAD TITLESigned Mail check/TITLE /HEAD BODY pre ?php processMail('mail_ok.txt'); processMail('mail_bad.txt'); processMail('mail_ok.txt'); ? /pre /BODY /HTML ==mail_ok.txt=== User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.3) Gecko/20030312 X-Accept-Language: en-us, en MIME-Version: 1.0 To: [EMAIL PROTECTED] Subject: DigiSign Content-Type: multipart/signed; protocol=application/x-pkcs7-signature; micalg=sha1; boundary=ms020400030006030201090307 Status: U This is a cryptographically signed message in MIME format. --ms020400030006030201090307 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit user=jfm document=test2.txt version=1.1 checksum=ASH454sdFDD5s4g54b56jhg156qzejh --ms020400030006030201090307 Content-Type: application/x-pkcs7-signature; name=smime.p7s Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename=smime.p7s Content-Description: S/MIME Cryptographic Signature MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIH5TCC Ak0wggG2oAMCAQICAwvUDjANBgkqhkiG9w0BAQQFADBiMQswCQYDVQQGEwJaQTElMCMGA1UE ChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UEAxMjVGhhd3RlIFBlcnNv bmFsIEZyZWVtYWlsIElzc3VpbmcgQ0EwHhcNMDQwMzAzMTYwNTU5WhcNMDUwMzAzMTYwNTU5 WjBEMR8wHQYDVQQDExZUaGF3dGUgRnJlZW1haWwgTWVtYmVyMSEwHwYJKoZIhvcNAQkBFhJq Zi5tZWVzc2VuQGdteC5uZXQwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAPWGAmUv7Zv7 fqYsiTWiTng95UnrsuVVsVpyUjHh+B5KGNW/ZQRDkc8cf6zD0XJEwDXoCFKaN1YNCzsIK6oB 1JRxYfAN5AMMORqGctNd9/ZIg1T21VaUlqsmyYFFqfRh/BGz3ZCxXCYHFCSy42tXNG0doEjD UbeOSoOLZhQTxKW5AgMBAAGjLzAtMB0GA1UdEQQWMBSBEmpmLm1lZXNzZW5AZ214Lm5ldDAM BgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEBBAUAA4GBACaUclk1ab25qRYbrZSyEn9XA5TMFoRY ezCfHYJr8PPSt3Jp79jzdcDQ3gq6ceWbjhCZo6ILbsPU585mCtTrgo8w4iTcn8dNGlCIe83S fOxS/e1DBXTsn0sVj77HbaWqXbYRruK9IZSst96cgi2Yi/KkHIRW/8akl8jROu/OBTMVMIIC TTCCAbagAwIBAgIDC9QOMA0GCSqGSIb3DQEBBAUAMGIxCzAJBgNVBAYTAlpBMSUwIwYDVQQK ExxUaGF3dGUgQ29uc3VsdGluZyAoUHR5KSBMdGQuMSwwKgYDVQQDEyNUaGF3dGUgUGVyc29u YWwgRnJlZW1haWwgSXNzdWluZyBDQTAeFw0wNDAzMDMxNjA1NTlaFw0wNTAzMDMxNjA1NTla MEQxHzAdBgNVBAMTFlRoYXd0ZSBGcmVlbWFpbCBNZW1iZXIxITAfBgkqhkiG9w0BCQEWEmpm Lm1lZXNzZW5AZ214Lm5ldDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA9YYCZS/tm/t+ piyJNaJOeD3lSeuy5VWxWnJSMeH4HkoY1b9lBEORzxx/rMPRckTANegIUpo3Vg0LOwgrqgHU lHFh8A3kAww5GoZy01339kiDVPbVVpSWqybJgUWp9GH8EbPdkLFcJgcUJLLja1c0bR2gSMNR t45Kg4tmFBPEpbkCAwEAAaMvMC0wHQYDVR0RBBYwFIESamYubWVlc3NlbkBnbXgubmV0MAwG A1UdEwEB/wQCMAAwDQYJKoZIhvcNAQEEBQADgYEAJpRyWTVpvbmpFhutlLISf1cDlMwWhFh7 MJ8dgmvw89K3cmnv2PN1wNDeCrpx5ZuOEJmjogtuw9TnzmYK1OuCjzDiJNyfx00aUIh7zdJ8 7FL97UMFdOyfSxWPvsdtpapdthGu4r0hlKy33pyCLZiL8qQchFb/xqSXyNE6784FMxUwggM/ MIICqKADAgECAgENMA0GCSqGSIb3DQEBBQUAMIHRMQswCQYDVQQGEwJaQTEVMBMGA1UECBMM V2VzdGVybiBDYXBlMRIwEAYDVQQHEwlDYXBlIFRvd24xGjAYBgNVBAoTEVRoYXd0ZSBDb25z dWx0aW5nMSgwJgYDVQQLEx9DZXJ0aWZpY2F0aW9uIFNlcnZpY2VzIERpdmlzaW9uMSQwIgYD VQQDExtUaGF3dGUgUGVyc29uYWwgRnJlZW1haWwgQ0ExKzApBgkqhkiG9w0BCQEWHHBlcnNv bmFsLWZyZWVtYWlsQHRoYXd0ZS5jb20wHhcNMDMwNzE3MDAwMDAwWhcNMTMwNzE2MjM1OTU5 WjBiMQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkgTHRk LjEsMCoGA1UEAxMjVGhhd3RlIFBlcnNvbmFsIEZyZWVtYWlsIElzc3VpbmcgQ0EwgZ8wDQYJ KoZIhvcNAQEBBQADgY0AMIGJAoGBAMSmPFVzVftOucqZWh5owHUEcJ3f6f+jHuy9zfVb8hp2 vX8MOmHyv1HOAdTlUAow1wJjWiyJFXCO3cnwK4Vaqj9xVsuvPAsH5/EfkTYkKhPPK9Xzgnc9 A74r/rsYPge/QIACZNenprufZdHFKlSFD0gEf6e20TxhBEAeZBlyYLf7AgMBAAGjgZQwgZEw EgYDVR0TAQH/BAgwBgEB/wIBADBDBgNVHR8EPDA6MDigNqA0hjJodHRwOi8vY3JsLnRoYXd0 ZS5jb20vVGhhd3RlUGVyc29uYWxGcmVlbWFpbENBLmNybDALBgNVHQ8EBAMCAQYwKQYDVR0R BCIwIKQeMBwxGjAYBgNVBAMTEVByaXZhdGVMYWJlbDItMTM4MA0GCSqGSIb3DQEBBQUAA4GB
#27585 [Fbk-Opn]: when openssl_pkcs7_verify fails once, it fails next time even if it should not
ID: 27585 User updated by: arnaud dot bertrand at apvsys dot org Reported By: arnaud dot bertrand at apvsys dot org -Status: Feedback +Status: Open Bug Type: OpenSSL related Operating System: win32 Linux PHP Version: 4.3.4 New Comment: Yes, I'm sure it happens under Linux (Suse8, Kernel 2.4) The version I used was sapi php4apache. After multiple tries, I found a version that works without the problem under Win32. This version has openssl 0.9.7.b. The previous one that failed was 0.9.6.k. Under Linux, because it is a friend of me who is testing it, I've to be sure of the exact versions. Previous Comments: [2004-03-14 10:34:51] [EMAIL PROTECTED] Also, tell us your openssl version and which sapi (cli, cgi, apache, isapi) you are using to reproduce this. Does using one or all of the others (that you can try) also cause the problem? [2004-03-14 10:21:55] [EMAIL PROTECTED] Are you sure this happens under linux too? I'd almost expect it under win32 (which has funny locking semantics). [2004-03-13 07:04:30] arnaud dot bertrand at apvsys dot org Description: The function openssl_pkcs7_verify has a strange behaviour juster after a verification has report a bad signature. When the verification reports a good signature, no problem When it reports a bad signature, it works BUT the next time (if it is a short time) the function is called, the access to the CA certificate failed and it reports a bad signature even if it is a correct one. Reproduce code: --- Here is the function a use / BEGIN function CheckMailSignature($filename) { global $CertificatDir; global $CertificatFile; echo(Processing file: $filenamebr\n); echo(Certificate: $CertificatDirbr\n); chdir($CertificatDir); $tmp_cert = tempnam (, crt); $res = openssl_pkcs7_verify($filename, 0,$tmp_cert, array($CertificatDir, $CertificatDir/$CertificatFile)); if ($res === false) echo(Digital Signature BAD!br\n); else if ($res === -1) echo(Error while verifying digital signature ($res)!br\n); else { echo(Digital Signature OK!br\n); $cert_info = openssl_x509_parse(file://$tmp_cert); echo(Common name: '.$cert_info['subject']['CN'].'br\n); echo(E-mail: '.$cert_info['subject']['Email'].'br\n); unlink($tmp_cert); return true; } unlink($tmp_cert); return false; } END Expected result: Processing file: c:/test/abe-0.txt Certificate: c:/certdir/cert Digital Signature OK! Common name: 'Thawte Freemail Member' E-mail: '[EMAIL PROTECTED]' // now check a bad one Processing file: c:/test/abe-0-bad.txt Certificate: c:/metadoc-iba/cert Digital Signature BAD! // Now check the correct one again Processing file: c:/test/abe-0.txt Certificate: c:/certdir/cert Digital Signature OK! Common name: 'Thawte Freemail Member' E-mail: '[EMAIL PROTECTED]' Actual result: -- Processing file: c:/test/abe-0.txt Certificate: c:/certdir/cert Digital Signature OK! Common name: 'Thawte Freemail Member' E-mail: '[EMAIL PROTECTED]' // now check a bad one Processing file: c:/test/abe-0-bad.txt Certificate: c:/metadoc-iba/cert Digital Signature BAD! // Now check the correct one again Processing file: c:/test/abe-0.txt Certificate: c:/certdir/cert Warning: openssl_pkcs7_verify() [function.openssl-pkcs7-verify]: error loading file c:/cert/thawte_freemail.cer in c:\cvswork\ntmetapro\mailsign.php on line 12 Digital Signature BAD! // Waiting a few minutes or restarting apache: Processing file: c:/test/abe-0.txt Certificate: c:/certdir/cert Digital Signature OK! Common name: 'Thawte Freemail Member' E-mail: '[EMAIL PROTECTED]' -- Edit this bug report at http://bugs.php.net/?id=27585edit=1
#27585 [NEW]: when openssl_pkcs7_verify fails once, it fails next time even if it should not
From: arnaud dot bertrand at apvsys dot org Operating system: win32 Linux PHP version: 4.3.4 PHP Bug Type: OpenSSL related Bug description: when openssl_pkcs7_verify fails once, it fails next time even if it should not Description: The function openssl_pkcs7_verify has a strange behaviour juster after a verification has report a bad signature. When the verification reports a good signature, no problem When it reports a bad signature, it works BUT the next time (if it is a short time) the function is called, the access to the CA certificate failed and it reports a bad signature even if it is a correct one. Reproduce code: --- Here is the function a use / BEGIN function CheckMailSignature($filename) { global $CertificatDir; global $CertificatFile; echo(Processing file: $filenamebr\n); echo(Certificate: $CertificatDirbr\n); chdir($CertificatDir); $tmp_cert = tempnam (, crt); $res = openssl_pkcs7_verify($filename, 0,$tmp_cert, array($CertificatDir, $CertificatDir/$CertificatFile)); if ($res === false) echo(Digital Signature BAD!br\n); else if ($res === -1) echo(Error while verifying digital signature ($res)!br\n); else { echo(Digital Signature OK!br\n); $cert_info = openssl_x509_parse(file://$tmp_cert); echo(Common name: '.$cert_info['subject']['CN'].'br\n); echo(E-mail: '.$cert_info['subject']['Email'].'br\n); unlink($tmp_cert); return true; } unlink($tmp_cert); return false; } END Expected result: Processing file: c:/test/abe-0.txt Certificate: c:/certdir/cert Digital Signature OK! Common name: 'Thawte Freemail Member' E-mail: '[EMAIL PROTECTED]' // now check a bad one Processing file: c:/test/abe-0-bad.txt Certificate: c:/metadoc-iba/cert Digital Signature BAD! // Now check the correct one again Processing file: c:/test/abe-0.txt Certificate: c:/certdir/cert Digital Signature OK! Common name: 'Thawte Freemail Member' E-mail: '[EMAIL PROTECTED]' Actual result: -- Processing file: c:/test/abe-0.txt Certificate: c:/certdir/cert Digital Signature OK! Common name: 'Thawte Freemail Member' E-mail: '[EMAIL PROTECTED]' // now check a bad one Processing file: c:/test/abe-0-bad.txt Certificate: c:/metadoc-iba/cert Digital Signature BAD! // Now check the correct one again Processing file: c:/test/abe-0.txt Certificate: c:/certdir/cert Warning: openssl_pkcs7_verify() [function.openssl-pkcs7-verify]: error loading file c:/cert/thawte_freemail.cer in c:\cvswork\ntmetapro\mailsign.php on line 12 Digital Signature BAD! // Waiting a few minutes or restarting apache: Processing file: c:/test/abe-0.txt Certificate: c:/certdir/cert Digital Signature OK! Common name: 'Thawte Freemail Member' E-mail: '[EMAIL PROTECTED]' -- Edit bug report at http://bugs.php.net/?id=27585edit=1 -- Try a CVS snapshot (php4): http://bugs.php.net/fix.php?id=27585r=trysnapshot4 Try a CVS snapshot (php5): http://bugs.php.net/fix.php?id=27585r=trysnapshot5 Fixed in CVS: http://bugs.php.net/fix.php?id=27585r=fixedcvs Fixed in release: http://bugs.php.net/fix.php?id=27585r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=27585r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=27585r=needscript Try newer version: http://bugs.php.net/fix.php?id=27585r=oldversion Not developer issue:http://bugs.php.net/fix.php?id=27585r=support Expected behavior: http://bugs.php.net/fix.php?id=27585r=notwrong Not enough info:http://bugs.php.net/fix.php?id=27585r=notenoughinfo Submitted twice:http://bugs.php.net/fix.php?id=27585r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=27585r=globals PHP 3 support discontinued: http://bugs.php.net/fix.php?id=27585r=php3 Daylight Savings: http://bugs.php.net/fix.php?id=27585r=dst IIS Stability: http://bugs.php.net/fix.php?id=27585r=isapi Install GNU Sed:http://bugs.php.net/fix.php?id=27585r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=27585r=float