diff --git a/src/main/java/org/jscep/message/PkiMessageDecoder.java b/src/main/java/org/jscep/message/PkiMessageDecoder.java
index 9400f664..23a028d5 100644
--- a/src/main/java/org/jscep/message/PkiMessageDecoder.java
+++ b/src/main/java/org/jscep/message/PkiMessageDecoder.java
@@ -131,6 +131,8 @@ public PkiMessage decode(final CMSSignedData pkiMessage)
 .getCertificate( cert );
 verifier = new JcaSimpleSignerInfoVerifierBuilder().build(javaCert.getPublicKey());
 }
+ // ensure that the encoding used of the signed attributes are the one specified in the original message
+ signerInfo = new SCEPSignerInformation(signerInfo);
 if (signerInfo.verify(verifier) == false) {
 final String msg = "pkiMessage verification failed.";
 LOGGER.warn(msg);
@@ -286,4 +288,16 @@ private FailInfo toFailInfo(final Attribute attr) {
 return FailInfo.valueOf(Integer.valueOf(string.getString()));
 }
+
+ private static class SCEPSignerInformation extends SignerInformation {
+
+ protected SCEPSignerInformation(SignerInformation baseInfo) {
+ super(baseInfo);
+ }
+
+ public byte[] getEncodedSignedAttributes()
+ throws IOException {
+ return signedAttributeSet.getEncoded();
+ }
+ }
 }
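Review bot: The comment added before `signerInfo.verify(verifier)` does not say what is being relaxed, and the wrapper is applied to every incoming message unconditionally. Judging by the override added at the end of the file, the signature is now checked over the signed attributes as the sender encoded them; as far as I know BouncyCastle's base class re-encodes them as DER, which is the digest input CMS specifies, so this accepts messages the stock verifier would reject. I would state that plainly, e.g. `// Verify the signature over the signed attributes exactly as encoded in the received message instead of a DER re-encoding.`, and add the interoperability reason if that is the motive. decode() begins and ends outside this hunk.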
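Review bot: `getEncodedSignedAttributes()` in SCEPSignerInformation dereferences `signedAttributeSet` without a null check and carries no `@Override`. If I recall the BouncyCastle base method correctly it returns null when a SignerInfo has no signed attributes, so a message from a remote peer that omits them may now surface as a NullPointerException instead of a clean verification failure; this is worth confirming against the BouncyCastle version in use. A guarded form would be `@Override public byte[] getEncodedSignedAttributes() throws IOException {` followed by `return signedAttributeSet == null ? null : signedAttributeSet.getEncoded();`. A short Javadoc on the class saying that it returns the attributes in their received encoding, and why, would help the next reader; the class can also be `final` with a private constructor.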