Hi

I've just got a certficate from Thawte, and it has a header on it that
openssl doesn't like. The certificate looks like:

-----BEGIN PKCS #7 SIGNED DATA-----
(certificate)
-----END PKCS #7 SIGNED DATA-----

When I try to run it through openssl pkcs7, it refuses to run,
complaining:
14175:error:0906D06C:PEM routines:PEM_read_bio:no start
lineem_lib.c:644:Expecting: PKCS7

If I edit the file, and change the header/footer to be "--BEGIN PKCS7--" /
"--END PKCS7--", then openssl will process the file. So, it seems that
openssl is able to work with the file, just doesn't recognise the header

Any chance that this alternate header could also be supported by the
pkcs7 module, to save having so hack certificates?

Nick

__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majordomo@openssl.org