Kevin J. McCarthy writes:
> On Sat, Sep 12, 2020 at 09:32:35AM +0100, isdtor wrote:
> >The next step is to export my own cert with gpgsm and create the
> >openssl hash, then set smime_default_key to the same. With this
> >setting, I can no longer send encrypted mail at all, the error message
> >is:
> >
> >   error encrypting data: No public key?
>
> As I noted on mutt-users I don't use S/MIME and haven't done so with
> GPGME except to test things (and that was a few years ago, when I still
> had a working test cert).
>
> Have you tried using `gpgsm --list-keys <your-email-address>`? That
> should generate output with a line like "ID: 0x12345678", which should
> mean adding to your .muttrc:
>
>   set smime_default_key = "0x12345678"

That was actually embarrassingly simple ... and worked! At least in a test setup, I'll still need to test it in production. I was pretty certain I had tested this already. But maybe another part of the config wasn't correct at the time.

Still, the manual is not correct here, or at least incomplete. Assuming the openssl hash is still the right id for non-gpgme configurations, maybe this could be added. --- init.h.dist 2020-09-12 23:55:31.674866057 +0100 +++ init.h 2020-09-13 00:00:47.631884948 +0100 @@ -3659,7 +3659,8 @@ ** set to the keyid (the hash-value that OpenSSL generates) to work properly. ** .pp ** It will be used for encryption (see $$postpone_encrypt and - ** $$smime_self_encrypt). + ** $$smime_self_encrypt). If GPGME is enabled, this is the key id displayed + ** by gpgsm. ** .pp ** It will be used for decryption unless $$smime_decrypt_use_default_key ** is \fIunset\fP. https://www.gnupg.org/documentation/manuals/gnupg/Specify-a-User-ID.html explains how gpg tools arrive at the key id for x509 certs.
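
Review bot: the sentence added to the $$smime_self_encrypt paragraph leaves the context line above it, "set to the keyid (the hash-value that OpenSSL generates) to work properly", reading as unconditional, so for a GPGME build the text now gives two different answers. Suggest moving the GPGME case next to that sentence and scoping the OpenSSL hash to the non-GPGME configuration. "the key id displayed by gpgsm" is also vague: name the field, for example the "ID: 0x..." line printed by gpgsm --list-keys as quoted in this thread, and name the option that turns GPGME on ($$crypt_use_gpgme) rather than "If GPGME is enabled".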