Checking a single signature from several in S/MIME

Laurent Blume laurent at elanor.org
Tue Jun 8 10:01:24 UTC 2021


Hello list,

I'm signing a file using SMIME with 2 signers.

When trying to check the signature with only one of the two signers, it 
fails with a "signer certificate not found". Using both signers, it 
succeeds.

Is there a way to be able to check the signature with a single signer, 
not all of them?

// Signing

openssl smime -binary -sign -nodetach -in file -out file.signed -inkey 
key1.pem -signer cert1.pem -inkey key2.pem -signer cert2.pem

// this command fails with signer certificate not found"

openssl smime -binary -verify -nointern -noverify -certfile cert1.pem 
-in file.sign -out file.checked

// this command succeeds and write both certificates in file.signer

openssl smime -binary -verify -noverify -certfile cert1.pem -in 
file.sign -out file.checked -signer file.signer

// This command succeeds
openssl smime -binary -verify -nointern -noverify -certfile file.signer 
-in file.sign -out file.checked

thanks in advance for any suggestion,

Laurent





More information about the openssl-users mailing list