Hi,

I'm fooling around with S/MIME on a Windows install of OTRS 2.1.3, with OpenSSL 0.9.8d installed manually.

It seems as if the signing and encryption of e-mails actually works, but OTRS does not believe it does, because of the output from openssl.

In: C:\OTRS\otrs\Kernel\System\Crypt\SMIME.pm, the lines:

    open (SIGN, "$Self->{Bin} smime -sign -passin pass:".quotemeta($Secret)." -in $Filename -out $FilenameSign -text -signer $FilenameCertificate -inkey $FilenamePrivate -binary 2>&1 |");

    while (<SIGN>) {
        $LogMessage .= $_;
    }
    close (SIGN);
    if ($LogMessage) {
        $Self->{LogObject}->Log(Priority => 'error', Message => "Can't sign: $LogMessage!");
        return;
    }

Logs the error message:
Can't sign: Loading 'screen' into random state - done

But when running the openssl command manually from a prompt, the "Loading 'screen' into random state - done" always shows and the signing actually happens as it's supposed to.

If changing the openssl command in SMIME.pm to something like:

    open (SIGN, "$Self->{Bin} smime -sign -passin pass:".quotemeta($Secret)." -in $Filename -out $FilenameSign -text -signer $FilenameCertificate -inkey $FilenamePrivate -binary > c./OTRS/otrs/var/tmp/otrstemp.tmp 2>&1 |");

Everything is redirected to a file and the command works as supposed to.
But doing this (redirecting to a file), also makes OTRS believe that everything went fine in case of errors (i think).

Same is the case for the encryption part of SMIME.pm.

Does any of you know how i can make the "Loading 'screen' into random state - done" go away without touching SMIME.pm ??

Like using the openssl.cnf file or something?

I haven't been able to google my way to a solution.
Any ideas?

Thanks.

--
/Sune