[openssl-dev] openssl cms unable to access keys on token?
David Woodhouse
dwmw2 at infradead.org
Mon Mar 14 21:33:52 UTC 2016
On Mon, 2016-03-14 at 21:28 +0000, Blumenthal, Uri - 0553 - MITLL
wrote:
> You are right - the command line was wrong. Here’s the correct line,
> which
> should work, but doesn’t:
>
> $ openssl cms -engine pkcs11 -aes256 -encrypt -in data.txt -binary
> -outform PEM -out data.txt.enc
> "pkcs11:object=Certificate%20for%20Key%20Management;object-type=cert"
Yeah, that won't work either.
Perhaps you need the "-certform engine" option.
Which doesn't exist. :)
(My mailer doesn't seem to trust your signing cert, btw. Should you be
including an intermediate certificate in your messages? For that
matter, should I? :)
--
David Woodhouse Open Source Technology Centre
David.Woodhouse at intel.com Intel Corporation
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5691 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20160314/9db38a6b/attachment.bin>
More information about the openssl-dev
mailing list