Hi, I am novice to the "World of cryptography". I started working with OPENSSL. I need some information and basically I do have some doubts. I have a DER format file. I read the file using following command, "openssl x509 -inform DER -in filename.der -text" I got what I supposed to be.

Following things I wanted to know: 1. What is the difference between PKCS7, DER and X509 ? (My understanding is, DER is format, X509 is certificate, and PKCS7 is the standard)

1. I wrote a test file which accepts the DER file and outputs the version, serial number, Subject, Validity date before and Validity date after, But I am unable to get certificate verified. Following is the API Used.

   int i = X509_verify(X509 *x509 , X509_get_pubkey(X509 *x509)); But 'i' value is 'i' < 0(zero) This is why I am getting "Signature verification problems". How to overcome this?

2. In My test file I am unable to read the "Signature Algorithm", "Subject Public Key Info", "X509v3 extensions" and "-----BEGIN CERTIFICATE-----" to "-----END CERTIFICATE-----"

Please give some inputs.

Thanks in Advance. openSid