Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

Pomoc pśepytaś

Glědajśo se wobšudy pomocy. Njenapominajomy was nigda, telefonowy numer zawołaś, SMS pósłaś abo wósobinske informacije pśeraźiś. Pšosym dajśo suspektnu aktiwitu z pomocu nastajenja „Znjewužywanje k wěsći daś“ k wěsći.

Dalšne informacije

End-to-end encryption issue...

  • 2 wótegronje
  • 1 ma toś ten problem
  • 1 naglěd
  • Slědne wótegrono wót christ1

more options

I have updated two e-mail clients to V.78. Both under OS-X.

On the first I created a PGP certificate for one e-mail account and saved that. E-mails show the certificate attached with Open PGP. That worked just great.

On a mobile device I can see that certificate signed using Open PGP for encryption (obviously requiring PK exchange before encryption can take place).

On the other mac, previously equipped with several CACert Identity verification certificates for a number of accounts, I have installed the certificate exported from the first machine on its mirror account - that verifies ok - this is not a certificate import/export problem. BUT the account will not send using PGP. It defaults to S/MIME and then complains that the CACert ID certificate is non-existent or expired - in fact it was expired and was deleted months ago and so is now non-existent.

Note that on this second machine there are 5 or 6 accounts, three of which have CACert ID certificates but the account which I was working on with the PGP certificate is no longer covered by a CACert ID certificate although it was previously so covered.

Is there a way to force Thurderbird to just stick with the PGP encryption certificate and to not try to find a non-existent CACert ID certificate for this account (or at all)?

Best regards,

Ian Beeby

I have updated two e-mail clients to V.78. Both under OS-X. On the first I created a PGP certificate for one e-mail account and saved that. E-mails show the certificate attached with Open PGP. That worked just great. On a mobile device I can see that certificate signed using Open PGP for encryption (obviously requiring PK exchange before encryption can take place). On the other mac, previously equipped with several CACert Identity verification certificates for a number of accounts, I have installed the certificate exported from the first machine on its mirror account - that verifies ok - this is not a certificate import/export problem. BUT the account will not send using PGP. It defaults to S/MIME and then complains that the CACert ID certificate is non-existent or expired - in fact it was expired and was deleted months ago and so is now non-existent. Note that on this second machine there are 5 or 6 accounts, three of which have CACert ID certificates but the account which I was working on with the PGP certificate is no longer covered by a CACert ID certificate although it was previously so covered. Is there a way to force Thurderbird to just stick with the PGP encryption certificate and to not try to find a non-existent CACert ID certificate for this account (or at all)? Best regards, Ian Beeby

Wubrane rozwězanje

RESOLVED - The issue was that there was a residual record that I had a key for that account:

Tools-> Account Settings -> End-to-end Encryption -> Manage S/MIME Certificates

Then find the name/e-mail address and delete the certificate authority for that account. The e-mail address you are looking for is the one which you now seek to protect with the PGP certificate.

Ian

Toś to wótegrono w konteksće cytaś 👍 0

Wšykne wótegrona (2)

more options

Wubrane rozwězanje

RESOLVED - The issue was that there was a residual record that I had a key for that account:

Tools-> Account Settings -> End-to-end Encryption -> Manage S/MIME Certificates

Then find the name/e-mail address and delete the certificate authority for that account. The e-mail address you are looking for is the one which you now seek to protect with the PGP certificate.

Ian

more options
On the other mac ... I have installed the certificate exported from the first machine on its mirror account

When exporting the key on the first machine, did you include the private key?

BUT the account will not send using PGP. It defaults to S/MIME

In a Write window, from the Security drop-down menu in the Composition Toolbar you can select which Encryption Technology to use - OpenPGP or S/MIME.

You can also select which one shall be preferred, if both, OpenPGP, and S/MIME is set up for the account. That's underneath End-To-End Encryption in the Account Settings for the particular account.