#3384 new
Robert

S/MIME Signing and Encryption

Reported by Robert | August 21st, 2024 @ 10:14 AM

I do have several certificates stored in my keychain. For some reason or other one of the certificates is not accepted anymore ( S/MIME: Failed to sign the message, Failed to encrypt the message) although it worked in the pas. All other certificates are ok. Using the same email address with Apple Mail works.

How can I check what causes the problem?

Thanks
Rober

Comments and changes to this ticket

  • benny

    benny August 23rd, 2024 @ 11:58 AM

    First, try updating to the latest test release: https://updates.mailmate-app.com/archives/MailMate_r6062.tbz

    Depending on the revision you are using now, you might get a better error message in the composer window which can point us in the right direction.

  • Robert

    Robert August 27th, 2024 @ 12:47 PM

    I went from 5973 to 6062.
    The message stays the same. Since I did not include the details when I opened the call here they are:

    S/MIME: Failed to sign the message
    Log S/MIME sign
    Sender robert@somedomain.xy
    Suggestion Verify that you have the certificate necessary to sign the message.

    I do have the necessary certificate in my keychain so I am a bit puzzled.

  • benny

    benny August 28th, 2024 @ 02:44 PM

    Ok, try again after enabling this hidden preference (debug output isn't as good as it should be for S/MIME, but it could provide a bit more info):

    defaults write com.freron.MailMate MmDebugSecurity -bool YES

    Make sure the certificate is valid and trusted.

  • Robert

    Robert August 29th, 2024 @ 08:30 AM

    Did that. I would have expected that there will be some output in /tmp but there is no /tmp/*mailmate* debug file present.

  • benny

    benny August 29th, 2024 @ 08:31 AM

    No, the additional output should be in the same place as before. Just expand the “Failed to sign the message” error message.

  • Robert

    Robert August 29th, 2024 @ 10:50 AM

    ok. Now I see it has changed ...

    Log S/MIME sign
    Searching for certificate of identity with address “robert@somedomain.xy” for signing
    Searching default keychain
    Looking for candidates (robert@somedomain.xy)
    Found 3 candidate(s)
    Searching all keychains
    Looking for candidates (robert@somedomain.xy)
    Found 3 candidate(s)
    Sender robert@somedomain.xy
    Suggestion Verify that you have the certificate necessary to sign the message.

    Hmm, my keychain only shows one (valid and trusted) certificate for that email address.

Please Sign in or create a free account to add a new ticket.

With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.

New-ticket Create new ticket

Create your profile

Help contribute to this project by taking a few moments to create your personal profile. Create your profile ยป

Mac OS X email client.

Shared Ticket Bins

People watching this ticket

Pages