LinuxCommandLibrary

smime.1s

Encrypt or decrypt S/MIME messages

SYNOPSIS

openssl smime [options] [infile]

PARAMETERS

-encrypt
    Encrypt the input using S/MIME. Requires recipient certificates to be specified.

-decrypt
    Decrypt the input using S/MIME. Requires the user's private key and certificate.

-sign
    Sign the input using S/MIME. Requires the user's private key and certificate.

-verify
    Verify the signature of an S/MIME message. Requires the signer's certificate or CA certificate.

-pk7out
    Output the PKCS#7 structure.

-text
    Convert MIME message to text format

-in file
    Input file (default stdin).

-out file
    Output file (default stdout).

-signer file
    Signer certificate file (for signing).

-inkey file
    Signer private key file (for signing).

-recip file
    Recipient certificate file (for encryption).

-descert file
    Decryption certificate (for decryption).

-deskey file
    Decryption private key file (for decryption).

-certfile file
    File containing additional certificates.

-CAfile file
    Trusted CA certificate file.

-CApath directory
    Trusted CA certificate directory.

-nointern
    Do not search certificates contained in message for the signer

-noverify
    Do not verify the signers certificate.

-noattr
    Don't include any signing attributes.

-nodetach
    Create opaque signed data.

-binary
    Treat input as binary

DESCRIPTION

The smime command is a versatile tool within the OpenSSL library that facilitates various tasks related to Secure/Multipurpose Internet Mail Extensions (S/MIME). S/MIME is a standard for public key encryption and signing of MIME data. This command can be used to encrypt, decrypt, sign, verify, and manipulate S/MIME messages.
It leverages cryptographic algorithms to ensure confidentiality, integrity, and authenticity of email communications and other data formats.
Common uses include securing email correspondence, verifying digital signatures on documents, and converting between different S/MIME formats. smime offers a range of options to customize its behavior, like specifying certificates, keys, and encryption algorithms. It's a valuable utility for system administrators and developers working with secure messaging and data handling. This utility is an essential part of securing electronic communication, ensuring sensitive information remains protected from eavesdropping and tampering.

EXAMPLES

To sign an S/MIME message: openssl smime -sign -signer mycert.pem -inkey mykey.pem -in message.txt -out signed_message.txt To encrypt a message: openssl smime -encrypt -recip recipient1.pem -recip recipient2.pem -in message.txt -out encrypted_message.txt

SEE ALSO

openssl(1), x509(1)

Copied to clipboard