[imp] SMIME verify
Michael M Slusarz
slusarz at mail.curecanti.org
Tue Oct 4 07:19:25 PDT 2005
Quoting Dmitriy MiksIr <miksir at maker.ru>:
>
>
> Jan Schneider wrote:
>> Zitat von Dmitriy MiksIr <miksir at maker.ru>:
>>
>>>
>>> Jan Schneider wrote:
>>>> Zitat von Dmitriy MiksIr <miksir at maker.ru>:
>>>>
>>>>> Hi, what the message 'Message Verified Successfully but the signer's
>>>>> certificate could not be verified' does mean? Sertificate of CA not
>>>>> exist in trusted? Can it be because used chained certificate?
>>>> Yes and yes.
>>>>
>>>> Jan.
>>>>
>>> Ok, what about chained certs? It's IMP trouble or php/openssl? How i
>>> understand, certs of all CA included in smime sign.
>>
>> But probably not the cert of the root CA. These are usually in a cert
>> file on your system that you can configure for IMP. If you did this
>> already, then the root cert of your chain is not in this cert bundle,
>> or there is a problem with openssl. The actual verification happens in
>> openssl, triggered by PHP.
>>
>
> Thanks. I recreate CA bundle file from IE base of trusted CA's and all
> ok now.
> Maybe include file of trusted CA's in IMP pack? IMHO, OpenSSL by default
> havn't bundle file.
Including openssl specific-data/trusted CA's in IMP's distribution is
not a good idea. However, a patch with documentation/instructions for
imp/docs/INSTALL (or horde/docs/INSTALL) on how to generate this file
locally would be great.
michael
_______________________________________
Michael Slusarz [slusarz at curecanti.org]
More information about the imp
mailing list