[ < ] [ > ]   [ << ] [ Up ] [ >> ]         [Top] [Contents] [Index] [ ? ]

9. Using S/MIME Signatures

Anubis version 4.1.1 does not yet provide built-in support for S/MIME encryption or signing. To encrypt or sign messages using S/MIME, you will have to use external programs. Usually such programs require the whole message as their input, so simply using external-body-processor will not work. GNU Anubis distribution includes a special Guile program, ‘entire-msg.scm’, designed for use with such programs. For its detailed description, please refer to Entire Message Filters. This chapter addresses a special case of using it with openssl to sign outgoing messages.

To use openssl for S/MIME signing, invoke it using openssl-filter function defined in ‘entire-msg.scm’. You will have to supply at least -sign and -signer arguments to the program. Notice, that you should not specify any input or output files.

The following example illustrates this approach:

 
BEGIN GUILE
guile-load-program entire-msg.scm
END

BEGIN RULE
guile-process openssl-filter /usr/local/ssl/bin/openssl \
              smime -sign -signer FILE
END

This document was generated by Sergey Poznyakoff on December, 20 2008 using texi2html 1.78.