On 16 Feb 2017, at 11:29, Benny Kjær Nielsen wrote: >> 1. I'm wondering how this works as I can't remember to send my S/MIME >> certificate. Is there something like a key-server for S/MIME as well? > > No, but when you sign a message then the recipient gains the ability to > encrypt messages to you if they add your certificate to the keychain.
I think in S/MIME exist different types of certificates as I own one for signing but that can't be used for encryption. Not sure how this is handled. What is strange is this: I received an email where MM stated that it was successfully S/MIME decrypted. But I don't have any S/MIME encrypting certificate. So I'm wondering why MM displays this message. Further I don't have a clue how the one who send me the email would have gained access to my S/MIME certificates. > I think this happens automatically in Apple Mail. In MailMate you have to > explicitly add it to the keychain. How do I add this to the keychain? Can I access the certificate anyhow? >> 2. Answering the email with encryption & signing doesn't work. I get: >> "Failed to find valid certificate to encrypt for xyz....@abc.com. The >> specified item could not be found in the keychain. Error code: -25300" >> (Note: This text is shown twice). But I can see the certificate for the >> recipient in one of my keychains. > > The error code means that it couldn't find a valid certificate. For whom? For me or the guy I'm going to send an email to? > Have you checked that it's not expired or otherwise not trusted (view it in > Keychain Access)? Yes, and I think it's correct. > For debugging, you can send me the certificate off list and I can try > creating a message myself. Done. >> 3. When trying to send the email I need to enter the password for a signing >> certificate I own. This is the first keychain in the keychain app. But this >> certificate is not for encryption. Could it be that MM just access the first >> keychain and doesn't search through all of them? > > MailMate doesn't specify a specific keychain when doing certificate searches, > but I think the system library looks in the login keychain first. I see the "Signing" and "Email Encryption" certificate there. > When signing then MailMate only looks for certificates which can be used for > signing. Which seems to work as I'm asked to enter the password for the USB token. > S/MIME and OpenPGP users should update to the latest test release (r5346). > I've made several changes which I would like to have tested including an > important bug fix for S/MIME (which I would like to release soon). Ok, will do. -- Robert M. Münch, CEO M: +41 79 65 11 49 6 Saphirion AG smarter | better | faster http://www.saphirion.com http://www.nlpp.ch
signature.asc
Description: OpenPGP digital signature
_______________________________________________ mailmate mailing list mailmate@lists.freron.com https://lists.freron.com/listinfo/mailmate
