You don't ever want to sign with a public key, because that signature is then meaningless. Many people have a public key. Only one person (the signer) should have a private key. If you did sign with a public key, anyone else having that public key could also create a signature that is equally valid. There would be no way to determine who actually signed it, which defeats the purpose of signatures. Also, there would be no way to verify a signature signed with a public key because no one would have the private key.
You always sign with a private key and verify with a public key.
Your signature can be accompanied by an X509 Certificate. If the certificate is signed by a trusted entity, then whoever has this certificate and trusts it can also trust the signature that was generated by the private key corresponding to the public key that is in the certificate.
The link you gave in your question contains the openssl commands to verify a signature. In addition to the openssl dgst and openssl rsautl methods to verify a signature, you can also use openssl pkeyutl.
openssl pkeyutl -verify -in data -sigfile signature.bin -pubin -inkey pubkey.pem
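
The full round trip described in this answer, as an added example that is not part of the original post: sign with the private key, verify with the public key through both openssl dgst and openssl pkeyutl, and confirm that the same signature is rejected for altered data. The file names other than signature.bin and pubkey.pem, the message contents, the 2048-bit RSA key and the SHA-256 digest are assumptions made for the demo; pkeyutl is given the digest of the data here rather than the data file itself.

```shell
#!/bin/sh
# Added example. File names, key size and message contents are constructed.
sign_verify_demo() {
    d=$(mktemp -d) || return 1

    # The private key stays with the signer; only pubkey.pem is handed out.
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
        -out "$d/privkey.pem" 2>/dev/null || return 1
    openssl pkey -in "$d/privkey.pem" -pubout -out "$d/pubkey.pem" || return 1

    printf 'pay alice 10\n'   > "$d/data"      # constructed message
    printf 'pay alice 1000\n' > "$d/tampered"  # constructed altered copy

    # Sign with the PRIVATE key: SHA-256 over the data, then an RSA signature.
    openssl dgst -sha256 -sign "$d/privkey.pem" \
        -out "$d/signature.bin" "$d/data" || return 1

    # Verify with the PUBLIC key using dgst, which hashes the file itself.
    if openssl dgst -sha256 -verify "$d/pubkey.pem" \
        -signature "$d/signature.bin" "$d/data" >/dev/null 2>&1
    then dgst=verified; else dgst=rejected; fi

    # Verify with pkeyutl: compute the digest first and pass that as -in.
    openssl dgst -sha256 -binary -out "$d/data.sha256" "$d/data" || return 1
    if openssl pkeyutl -verify -in "$d/data.sha256" \
        -sigfile "$d/signature.bin" -pubin -inkey "$d/pubkey.pem" \
        -pkeyopt digest:sha256 >/dev/null 2>&1
    then pkeyutl=verified; else pkeyutl=rejected; fi

    # The same signature must not verify once the data has changed.
    if openssl dgst -sha256 -verify "$d/pubkey.pem" \
        -signature "$d/signature.bin" "$d/tampered" >/dev/null 2>&1
    then tampered=verified; else tampered=rejected; fi

    rm -rf "$d"
    echo "dgst=$dgst pkeyutl=$pkeyutl tampered=$tampered"
}

sign_verify_demo
```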