[openssl-users] How to "unwrap" S/MIME messages using openssl?

Blumenthal, Uri - 0553 - MITLL uri at ll.mit.edu
Thu Apr 6 17:25:22 UTC 2017

I’m trying to debug the case of a (bad) email client sending encrypted S/MIME email that the recipient cannot decrypt (we suspect the problem is that the sender chooses a wrong public key/certificate to encrypt to).


Unfortunately, recipient email clients do not help figuring this out. All they say is “you do not have the right key…”.


My goal is to “unwrap” the CMS/SMIME message, and print out some identity of the recipient key/cert (anything that would allow me to tie this email to any of the keys I have, or to ascertain that it’s none of those) would help greatly. Printing out other details, such as “algorithms used” would also be helpful.


I’m sure it’s possible to write an application to do that. But I strongly suspect that the “openssl” command line tool would be able to address this problem. 


Would somebody on this list please show me how I can print the “metadata” (yes, that big word ☺) of the S/MIME email using openssl?







-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20170406/07b29f72/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5211 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20170406/07b29f72/attachment.bin>

More information about the openssl-users mailing list