Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Thunderbird grabbing old, wrong encryption certificate for recipient from "somewhere" despite all attempts to use newer, correct certificate

  • 1 reply
  • 1 has this problem
  • 5 views
  • Last reply by Matt

more options

I am trying to send encrypted email to recipient. This person has changed their email address. Let's suppose it used to be bob@email.com and now it's robert.t.bruce@email.com Because they are still who they have always been, there's a newer certificate with different expiration date and email, but has same name.

Anyway, I hit reply to the person's signed email they sent me. Thunderbird "can't find" a certificate for that person. Despite that certificate sitting there in my inbox. If I go in to the certificate manager, I see that there's a certificate for him under his old email address like BRUCE.ROBERT.123456 bob@email.com

Now get this: I delete that certificate. Am I sure? Yes. Close and open the manager, and that certificate is gone. Deleted, right?

I go back to my inbox. I view the certificate he signed the email with, it has the same name BRUCE.ROBERT.123456, but the email address is now the new and correct robert.t.bruce@email.com

So I Export this certificate to BruceRobert123456.cer file. And I open certificate manager and Import that certificate .cer file. I close and re-open certificate manager and, hey, it's not there. I just imported it, but it's not listed. Very weird.

I go back to my Inbox, again hit reply to his signed email and I get the same problem, certificate not found for robert.t.bruce@email.com. If I go into certificate manager, the evil, old certificate with bob@email.com has re-appeared! How can this be? Where in the world is this coming from? Where did Thunderbird get the old certificate from???

This is maddening, failed software.

All Replies (1)

more options

Start by turning off the option to use the display name from your address book. Options > Display > Advanced.

Is the name on the email even the same now, or what the change you saw only due to your diligence updating the address book.