The mailing list for listmasters using Sympa

[Redmond Militante <address@concealed>]

Thanks.  I am able to verify a signed message to myself in Thunderbird.  But 
I am having trouble verifying a signed message from the command line on my 
sympa server.

Is the command on the faq page correct?  I copied a signed message to 
/tmp/mime.msg, and tried to run

cat /tmp/mime.msg openssl smime -verify  "-CAfile 
/home/sympa/bin/etc/ca-bundle.crt -CApath /home/sympa/bin/etc/ -signer 
/tmp/foo

it looks like the double quotes are not closed, and sends me to continued 
quote mode.  

If I close the double quotes I get 

[root@sympadev2 rjm]# cat /tmp/mime.msg openssl smime -verify  "-CAfile 
/home/sympa/bin/etc/ca-bundle.crt -CApath /home/sympa/bin/etc/ -signer 
/tmp/foo"
cat: invalid option -- r
Try `cat --help' for more information.

It seems like cat /tmp/mime.msg should be piped through openssl like

[root@sympadev2 rjm]# cat /tmp/mime.msg | openssl smime -verify  "-CAfile 
/home/sympa/bin/etc/ca-bundle.crt -CApath /home/sympa/bin/etc/ -signer 
/tmp/foo"

but this gives me an incorrect usage message for openssl.

If I eliminate the double quotes I get

[root@sympadev2 rjm]# cat /tmp/mime.msg | openssl smime -verify  -CAfile 
/home/sympa/bin/etc/ca-bundle.crt -CApath /home/sympa/bin/etc/ -signer 
/tmp/foo
Verification failure
16129:error:21075075:PKCS7 routines:PKCS7_verify:certificate verify 
error:pk7_smime.c:222:Verify error:certificate is not yet valid


+++ address@concealed <address@concealed> [06/11/08 11:05]:
> Redmond Militante wrote:
> 
> >Thanks for your help.
> >
> I just added a item in the FAQ about this : 
> http://www.sympa.org/wiki/faq/micellaneous

-- 
Redmond Militante / NSIT / The University of Chicago
PGP Public Key: <http://home.uchicago.edu/~rjm/pubkey.asc>