Page 2 of 2 FirstFirst 12
Results 11 to 18 of 18

Thread: S/MIME public beta now available!

  1. #11
    Zarafa Development

    Join Date
    Mar 2014
    Posts
    49
    Thanks for the feedback, a ticket has been created on our bugtracker for this issue.

  2. #12
    Junior Member
    Join Date
    Jun 2015
    Posts
    3
    Hello!

    I'm also testing the S/MIME plugin and I have one question:
    Is there a way to install a chain certificate? On other email clients I need to install this chain certificate in addition to the S/MIME certificate to get it work properly.
    The S/MIME plugin allows me to install only one certificate. In this case It is possible to sign emails, but the receiver sees it as untrusted.

    Thanks!

  3. #13
    Hi Gerd,

    You can install this with:

    Deb
    Copy the .crt to /usr/local/share/ca-certificates folder: cp yourca.crt /usr/local/share/ca-certificates
    update: update-ca-certificates -f -v

    Rpm based

    Install the ca-certificates package: yum install ca-certificates

    Enable the dynamic CA configuration feature: update-ca-trust enable

    convert your ca.crt to .pem format: mv ca.crt ca.pem

    Add it as a new file to etc/pki/tls/certs/: cp ca.pem /etc/pki/tls/certs/

    Use command: c_rehash

    Let us know if this solves your issue.

    Greetings,
    Regards,

    Martyn

  4. #14
    Junior Member
    Join Date
    Jun 2015
    Posts
    3
    Thanks for your reply!
    I have a Debian system and I already did what you described (as seen in /etc/zarafa/webapp/config-smime.php). Unortunately this doesn't solve my problem.
    The only advantage is that signed mails sent to my own address are now shown as trusted in Webapp. But this mail is not recognized as trusted in Outlook.

    If I send a mail from e.g. my Ipad, where both certificates (Mail and intermediate chain certificate) can be installed, this mail is shown as trusted, both Webapp (also without the chain certificate installed in the system) and Outlook.

    By the way: I have a Class 2 certificate from startssl.com

    Thanks!

  5. #15
    Hi Gerd,

    Can you open the message in Outlook and open the "Message Security Properties".
    Click on the signer field and view details + view certificate. I think Outlook makes a check for your issuer somehow and if it's trusted it's added in your ca store
    (run->mmc->add certificates snap-in)
    Regards,

    Martyn

  6. #16
    Junior Member
    Join Date
    Jun 2015
    Posts
    3
    Hi Martyn

    Yes, If I open a message sent via Webapp as you described, the certificate is shown as trusted afterwards. But a message sent from the iPad is shown immediately as trusted (I've verified this several times with a virtual Windows installation. I always revert to a clean snapshot, where te certificate is not checked before I sent the mail). So Webapp and iPad do different things.

    By the way: Outlook trusts the certificate after the "view details + view certificate" procedure even when I don't install the chain certificate on my Zarafa-Server.
    Last edited by gerd; 18-06-2015 at 12:36 PM.

  7. #17
    Junior Member
    Join Date
    Jun 2015
    Posts
    4
    Hi Martyn,

    unfortunately I posted this in a new thread before I have seen this one. So the following is just a copy of the original posting.

    Sent and received signed e-mails including Umlaut characters (special German characters) in subject or body are corrupted in the WebApp view. The characters äöüÄÖÜ are displayed as ?, the character ß is displayed as ss. Using other e-mail clients (e.g. Thunderbird) show the Umlaut characters correctly.
    Contents of received encrypted e-mails are not displayed at all. Only the green status line of properly decryption is shown.

    System configuration:
    CentOS 6.6
    ZCP 7.1.12-4941
    WebApp 2.0.2.48619
    zarafa-webapp-plugins-smime 1.0-17.1

    Is there any further information I can deliver?

    Greetings,
    Stefan

  8. #18
    Hi Gerd,

    Luckely your certificate will become valid after a few seconds (btw after that it shouldn't get invalid anymore..)
    It's not uncommon for WebApp, iOS and OUtlook to do different things though, but I will test your issue and perhaps we can see what's going on under the hood

    ---------- Post added ----------

    @Stefan,

    I will respond to your question at the other thread.
    Regards,

    Martyn

Page 2 of 2 FirstFirst 12

Similar Threads

  1. S/MIME and WebAccess 7.1.10
    By bauer40 in forum WebAccess
    Replies: 3
    Last Post: 26-11-2014, 11:34 AM
  2. S/mime
    By xthbx in forum WebApp
    Replies: 0
    Last Post: 28-06-2013, 06:13 AM
  3. S/mime Certificate in GAL ?
    By RainerR in forum Outlook client
    Replies: 0
    Last Post: 30-11-2012, 07:02 PM
  4. S/MIME and Chromium
    By novetica in forum WebAccess usage Archives
    Replies: 3
    Last Post: 18-12-2010, 05:42 PM
  5. S/MIME in Webaccess
    By mvanvoorden in forum WebAccess usage Archives
    Replies: 6
    Last Post: 27-09-2010, 08:16 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •