Sign then encrypt the symmetric passphrase for your Partner

Use openssl command to sign the symmetric passphrase document. This will append a digital signature so that it can be used to verify the originator and the original content.

$ openssl smime -sign -signer cln-pubcert.pem -inkey cln-prvkey.pem \
		-outform pem -nodetach -binary -in passphrase-$$ \ 
		-out passphrase-$$.sig 
		

Use openssl command to further encrypt the key. This will apply the recipient’s public key to the file so only the recipient can read the passphrase.

$ openssl smime -encrypt -des3 -binary -outform pem -in passphrase-$$.sig \
		-out passphrase-$$.sig.enc vdr-pubcert.pem