[openssl-users] help with timestamping

Alex Samad alex at samad.com.au
Tue Apr 19 03:55:55 UTC 2016


I have a SHA.sha file

/usr/bin/openssl ts -query -data SHA.sha -sha256 | /usr/bin/curl -s -H
Content-Type:application/timestamp-query --data-binary @-
http://sha256timestamp.ws.symantec.com/sha256/timestamp > SHA.sha.tsr

/usr/bin/openssl ts -reply -in SHA.sha.tsr -text  > SHA.sha.ts.txt

cat SHA.sha.ts.txt
Status info:
Status: Granted.
Status description: unspecified
Failure info: unspecified

TST info:
Version: 1
Policy OID: 2.16.840.1.113733.
Hash Algorithm: sha256
Message data:
    0000 - 8c 6d 95 5b e0 cd 8b c9-df 8c ab 57 45 c4 69 e6   .m.[.......WE.i.
    0010 - 7a b9 ce cb 14 8f 55 25-91 2e 57 37 3e 5c b8 d5   z.....U%..W7>\..
Serial number: 0x570B9C3A11CA318E2478D3680C0FEFD9238E06AB
Time stamp: Apr 19 03:52:25 2016 GMT
Accuracy: 0x1E seconds, unspecified millis, unspecified micros
Ordering: no
Nonce: 0x580E59D87F396B25
TSA: DirName:/C=US/O=Symantec Corporation/OU=Symantec Trust
Network/CN=Symantec SHA256 TimeStamping Signer - G1

But when I go to verify it

 openssl ts -verify -data SHA.sha -in SHA.sha.tsr
Verification: FAILED
routines:PKCS7_get0_signers:signer certificate not

is this because I didn't provide a cert to sign it with ?

I just want to verify the timestamp.


More information about the openssl-users mailing list