Rechercher dans l’assistance

Évitez les escroqueries à l’assistance. Nous ne vous demanderons jamais d’appeler ou d’envoyer un SMS à un numéro de téléphone ou de partager des informations personnelles. Veuillez signaler toute activité suspecte en utilisant l’option « Signaler un abus ».

En savoir plus

S/MIME certificates from other people not working

  • 6 réponses
  • 1 a ce problème
  • 1 vue
  • Dernière réponse par Dana

more options

Hi,

I switched from Windows Live Mail to Thunderbird 91 recently (clean install, Windows 10 Pro). My workplace uses Gsuite, I set up IMAP (port 993) in Thunderbird and I'm getting and sending emails just fine. Me and my colleagues use S/MIME certificates by Actalis.

The thing is, I can decrypt most of my colleague emails but there are a couple of people where Thunderbird crossed out the S/MIME icon and says "There are unknown problems with this encrypted message." In Windows Live Mail I can see it's encrypted and I can read it just fine. It's just Thunderbird that's being funny.

After switching from Windows Live Mail, I haven't done anything with the certificates. I'm not sure why it can decrypt some people but it can't decrypt others. Their certificates are all valid and they appear in the certificate manager in Thunderbird.

I'm not really sure what I'm doing wrong or how to fix it, so any help would be appreciated!

Hi, I switched from Windows Live Mail to Thunderbird 91 recently (clean install, Windows 10 Pro). My workplace uses Gsuite, I set up IMAP (port 993) in Thunderbird and I'm getting and sending emails just fine. Me and my colleagues use S/MIME certificates by Actalis. The thing is, '''I can decrypt most of my colleague emails''' but there are a couple of people where Thunderbird crossed out the S/MIME icon and says "There are unknown problems with this encrypted message." In Windows Live Mail I can see it's encrypted and I can read it just fine. It's just Thunderbird that's being funny. After switching from Windows Live Mail, I haven't done anything with the certificates. I'm not sure why it can decrypt some people but it can't decrypt others. Their certificates are all valid and they appear in the certificate manager in Thunderbird. I'm not really sure what I'm doing wrong or how to fix it, so any help would be appreciated!

Solution choisie

Okay, I seem to have fixed it. The emails were sent to a group email, all I needed to do was reinstall the certificate for that group email, set up an identity for my own email and restart Thunderbird.

Lire cette réponse dans son contexte 👍 0

Toutes les réponses (6)

more options

Thunderbird has a strict interpenetration of the specification. The most common issue is the sender is not actually using the address the certificate is for. For instance BWinton and BillWinton are NOT the same email addresses even if they may be the same person. Other common failures is a certificate to "Assistant@Domain being used by BillWinton@Domain because he is the assistant.

It is also possible the person is using an anti virus that actually edits the email (perhaps to put in a meaningless scanned by message.) the result being the checksum of the signed message is not valid, so the message is not secure.

Modifié le par Matt

more options

Thanks for your input, Matt!

Most coworkers use Thunderbird and don't have the same issue, so it has to be something else. Any way I can troubleshoot this?

more options

you might start by opening the error console (ctrl+Shift+J) and clearing it with the trash can icon. Then try opening one of these mails and see what appears as an error.

more options

Unfortunately there are no errors.

more options

otherwise You might see if there are any experts on the E2EE mailing list that know about logging. https://thunderbird.topicbox.com/groups/e2ee because like just about everything about s/mime there is basically no documentation of how it works or can be logged.

more options

Solution choisie

Okay, I seem to have fixed it. The emails were sent to a group email, all I needed to do was reinstall the certificate for that group email, set up an identity for my own email and restart Thunderbird.