Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

How to use Thunderbird 78 + Gpg4win + Yubikey

more options

I had been using Thunderbird + Enigmail + Gpg4win + Yubikey to sign and encrypt my emails and the setup worked pretty well. However, after updating to Thunderbird 78, which has built-in OpenPGP support, I'm having trouble to configure it to work with my Yubikey.

Following is my GPG keyring:

PS C:\Users\DDoSolitary> gpg -K --keyid-format long C:/Users/DDoSolitary/AppData/Roaming/gnupg/pubring.kbx


sec# ed25519/50268311C7AD3F62 2017-09-02 [SC]

     688E1D093C3638F588890D4450268311C7AD3F62

uid [ultimate] DDoSolitary <DDoSolitary@gmail.com> uid [ultimate] DDoSolitary <DDoSolitary@outlook.com> ssb> rsa4096/A7A1C4F99C807AD4 2019-03-21 [A] ssb> rsa4096/F091309F5863457C 2019-03-21 [E] ssb> rsa4096/90A79E1B71BC0CB1 2019-03-21 [S]

The master key is kept offline and the subkeys are stored in my Yubikey and are used to sign/encrypt messages.

What I've tried:

1. Enable "mail.openpgp.allow_external_gnupg" according to https://wiki.mozilla.org/Thunderbird:OpenPGP:Smartcards 2. Add my key ID to in the "End to End Encryption" section of Account Settings (I've tried key ID of the master key and the signing subkey, both of which don't work) 3. Write a new message, check "Security > Digitally Sign This Message", then click Send.

I've checked that the GPGME library (C:\Program Files (x86)\GnuPG\bin\libgpgme-11.dll) is in the PATH environment variable. As Gpg4win only provides 32-bit builds, I also reinstalled the 32-bit version of Thunderbird.

Unfortunately, I always get "Unable to send the message, because there is a problem with your personal key. The configured key ID 'xxx' cannot be found on your keyring."

I had been using Thunderbird + Enigmail + Gpg4win + Yubikey to sign and encrypt my emails and the setup worked pretty well. However, after updating to Thunderbird 78, which has built-in OpenPGP support, I'm having trouble to configure it to work with my Yubikey. Following is my GPG keyring: PS C:\Users\DDoSolitary> gpg -K --keyid-format long C:/Users/DDoSolitary/AppData/Roaming/gnupg/pubring.kbx ------------------------------------------------------ sec# ed25519/50268311C7AD3F62 2017-09-02 [SC] 688E1D093C3638F588890D4450268311C7AD3F62 uid [ultimate] DDoSolitary <DDoSolitary@gmail.com> uid [ultimate] DDoSolitary <DDoSolitary@outlook.com> ssb> rsa4096/A7A1C4F99C807AD4 2019-03-21 [A] ssb> rsa4096/F091309F5863457C 2019-03-21 [E] ssb> rsa4096/90A79E1B71BC0CB1 2019-03-21 [S] The master key is kept offline and the subkeys are stored in my Yubikey and are used to sign/encrypt messages. What I've tried: 1. Enable "mail.openpgp.allow_external_gnupg" according to [https://wiki.mozilla.org/Thunderbird:OpenPGP:Smartcards https://wiki.mozilla.org/Thunderbird:OpenPGP:Smartcards] 2. Add my key ID to in the "End to End Encryption" section of Account Settings (I've tried key ID of the master key and the signing subkey, both of which don't work) 3. Write a new message, check "Security > Digitally Sign This Message", then click Send. I've checked that the GPGME library (C:\Program Files (x86)\GnuPG\bin\libgpgme-11.dll) is in the PATH environment variable. As Gpg4win only provides 32-bit builds, I also reinstalled the 32-bit version of Thunderbird. Unfortunately, I always get "Unable to send the message, because there is a problem with your personal key. The configured key ID 'xxx' cannot be found on your keyring."

Chosen solution

All Replies (4)

more options

Chosen Solution

If you do not get answer here, visit https://thunderbird.topicbox.com/groups/e2ee

more options

Wayne Mery said

If you do not get answer here, visit https://thunderbird.topicbox.com/groups/e2ee

Thanks for the link. I found some relevant conversations there.

more options

DDoSolitary said

Wayne Mery said

If you do not get answer here, visit https://thunderbird.topicbox.com/groups/e2ee

Thanks for the link. I found some relevant conversations there.

Could you please share the link to those conversations? I have the same problem but did not find them.

more options

Hello, i've got the same issue here. Juste before the update everything was working fine and sadly, now with the 78 version i cannot encrypt/decrypt anymore. Is there some workaround ? (and maybe post a correct solution here) Thanks for anyone help.

Modified by steven.demarco