bhargava

Hi, I am using php openssl for verifying the signatures. My usecase is like this: 1. I want to send notifications to my clients (web servers). Naturally, I do a POST. As I want security, I am also sending a signature (will explain what kind later) in the POST request. 2. Client will have to verify the signature that request indeed came from me and was not tampered. Now for signature, 1. I am signing request parameters using private key of x509 certificate. 2. I will publish a public key certificate for the client which she uses to verify the signature i sent. So far so good? Now the problem : From my side I am using algorithm 'SHA256withRSA' (in Java) for signature generation. But my client is using PHP? I don't see anyplace when openssl supports this algorithm I could only find SHA1_WITH_RSA. Is there any way, I can verify the SHA256withRSA signature? perhaps a different library or some hidden openssl gotcha btw, i got it working with sha1withRSA, but i want SHA256withRSA .....