smime.1s
Encrypt or decrypt S/MIME messages
SYNOPSIS
openssl smime [options] [infile]
PARAMETERS
-encrypt
Encrypt the input using S/MIME. Requires recipient certificates to be specified.
-decrypt
Decrypt the input using S/MIME. Requires the user's private key and certificate.
-sign
Sign the input using S/MIME. Requires the user's private key and certificate.
-verify
Verify the signature of an S/MIME message. Requires the signer's certificate or CA certificate.
-pk7out
Output the PKCS#7 structure.
-text
Convert MIME message to text format
-in file
Input file (default stdin).
-out file
Output file (default stdout).
-signer file
Signer certificate file (for signing).
-inkey file
Signer private key file (for signing).
-recip file
Recipient certificate file (for encryption).
-descert file
Decryption certificate (for decryption).
-deskey file
Decryption private key file (for decryption).
-certfile file
File containing additional certificates.
-CAfile file
Trusted CA certificate file.
-CApath directory
Trusted CA certificate directory.
-nointern
Do not search certificates contained in message for the signer
-noverify
Do not verify the signers certificate.
-noattr
Don't include any signing attributes.
-nodetach
Create opaque signed data.
-binary
Treat input as binary
DESCRIPTION
The smime command is a versatile tool within the OpenSSL library that facilitates various tasks related to Secure/Multipurpose Internet Mail Extensions (S/MIME). S/MIME is a standard for public key encryption and signing of MIME data. This command can be used to encrypt, decrypt, sign, verify, and manipulate S/MIME messages.
It leverages cryptographic algorithms to ensure confidentiality, integrity, and authenticity of email communications and other data formats.
Common uses include securing email correspondence, verifying digital signatures on documents, and converting between different S/MIME formats. smime offers a range of options to customize its behavior, like specifying certificates, keys, and encryption algorithms. It's a valuable utility for system administrators and developers working with secure messaging and data handling. This utility is an essential part of securing electronic communication, ensuring sensitive information remains protected from eavesdropping and tampering.
EXAMPLES
To sign an S/MIME message: openssl smime -sign -signer mycert.pem -inkey mykey.pem -in message.txt -out signed_message.txt To encrypt a message: openssl smime -encrypt -recip recipient1.pem -recip recipient2.pem -in message.txt -out encrypted_message.txt
SEE ALSO
openssl(1), x509(1)