Hello all, I had a question on specifying the signing time when creating PKCS7 signed files.. I have looked at crypto/pkcs7/sign.c and after liberal use of grep, I think I have traced the function which adds the signingTime to the PKCS7_add_signed_attribute(si, NID_pkcs9_signingTime, V_ASN1_UTCTIME,sign_time); call in PKCS7_dataFinal function in crypto/pkcs7/pk7_doit.c.. I am trying to tell the application what the signing time ought to be. So I tried setting sign_time to some value greater than x509->cert_info->validity->notBefore (for example). This does change the PKCS7 signingTime *BUT* (a big one too) I also see that the validity.start time of the X.509 cert that goes into the PKCS7 file also gets set to this value.. I was wondering if I am perhaps setting the signingTime at the wrong place.. If so could someone point me to the right place? If not could someone please help me de-couple the PKCS7 signingTime from the X.509 validity.start time?? TIA for your help.. Best Regards, Kishore. __________________________________________________ Do You Yahoo!? Yahoo! Auctions - Buy the things you want at great prices. http://auctions.yahoo.com/ ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]