Use openssl command to sign the symmetric passphrase document. This will append a digital signature so that it can be used to verify the originator and the original content.
$ openssl smime -sign -signer cln-pubcert.pem -inkey cln-prvkey.pem \ -outform pem -nodetach -binary -in passphrase-$$ \ -out passphrase-$$.sig
Use openssl command to further encrypt the key. This will apply the recipient’s public key to the file so only the recipient can read the passphrase.
$ openssl smime -encrypt -des3 -binary -outform pem -in passphrase-$$.sig \ -out passphrase-$$.sig.enc vdr-pubcert.pem