Fragen mit folgendem Schlagwort anzeigen:

S/MIME encryption cannot find recipient's address despite valid cert in CertMgr/certutil

Hi, I have successfully added my personal certificate in my account's E2EE and I can ever since digitally sign messages. Yay! After importing a multiple valid certificate… (Lesen Sie mehr)

Hi,

I have successfully added my personal certificate in my account's E2EE and I can ever since digitally sign messages. Yay! After importing a multiple valid certificates for recipients, I tried to send encrypted emails to some of these (one recipient per email draft). All of them highlight the recipient's address in yellow with a yellow status bar: "End-to-end encryption requires resolving certificate issues for [recipient address]"

Clicking on the button "S/MIME" -> "View Certificates Of Recipients", a window comes up showing the address with the status "Not found". When I open "Settings -> Privacy & Security -> Certificate Manager", I see the certificates present with valid dates. Using certutil to investigate cert9.db in Thunderbird's profile folder, I also see the certificates being in there, but what struck me was the trust status: [...] Fingerprint (SHA-256): 

       7B:DF:9F:28:F2:B4:42:5E:37:06:EE:B8:D6:22:0C:70:12:05:F8:33:26:10:5A:1C:03:21:65:2A:C0:C3:3F:5E
   Fingerprint (SHA1):
       56:43:79:93:41:E0:8B:16:0A:FC:64:3E:74:B6:6F:F8:4E:67:93:D4

   Mozilla-CA-Policy: false (attribute missing)
   Certificate Trust Flags:
       SSL Flags:
       Email Flags:
       Object Signing Flags:

I changed the Trust flags (first for emails, then for SSL email) by running certutil -M -n <recipient's email addresss> -t ",P," -d <certdir>

This lead to 

Fingerprint (SHA-256):
       7B:DF:9F:28:F2:B4:42:5E:37:06:EE:B8:D6:22:0C:70:12:05:F8:33:26:10:5A:1C:03:21:65:2A:C0:C3:3F:5E
   Fingerprint (SHA1):
       56:43:79:93:41:E0:8B:16:0A:FC:64:3E:74:B6:6F:F8:4E:67:93:D4

   Mozilla-CA-Policy: false (attribute missing)
   Certificate Trust Flags:
       SSL Flags:
       Email Flags:
           Terminal Record
           Trusted
       Object Signing Flags:

Whils I am not sure if this makes any difference to my beforementioned problem, I realize "Mozilla-CA-Policy: false (attribute missing)". How can I address this missing attribute and what can I do to get my emails encrypted, please?

Offen
Thunderbird Encryption

Passwords/Logins not stored when using network drive

Hi @ all, When using TB as a LDAP-User, logins.json and key4.db are NOT created on the (mounted) home directory. here's my setup: Debian 12 with a local user as well as r… (Lesen Sie mehr)

Hi @ all,

When using TB as a LDAP-User, logins.json and key4.db are NOT created on the (mounted) home directory.

here's my setup: Debian 12 with a local user as well as remote users, administrated via LDAP. PAM-login for local and ldap users has been setup and is working. Automounting of network drives is working. Each LDAP user has their home directory stored on a Fileserver and mounted upon login. All applications are working as intended except thunderbird.

So far I've tried to run gnupg locally instead of having it start a session from the (mounted) home directory, assuming that gnupg is the corresponding means of de/encryption. I've copied the profile of the local user to be used as the profile of the LDAP user, logins.json is completely ignored by TB.

Upon starting of TB, passwords are asked for and are remembered in the session. But passwords/logins are not stored and available for the next session.

Any ideas?

Gelöst Archiviert 1 343
Thunderbird Save passwords
jamestibiriuskirk beantwortet vor 1 Jahr