搜索 | 用户支持

防范以用户支持为名的诈骗。我们绝对不会要求您拨打电话或发送短信,及提供任何个人信息。请使用“举报滥用”选项报告涉及违规的行为。

详细了解

Difficulty configuring certificates in enigmail on Linux (PureOS: debian-based)

  • 7 个回答
  • 1 人有此问题
  • 18 次查看
  • 最后回复者为 Felicia

more options

"Sending of the message failed. You specified that this message should be digitally signed, but the application either failed to find the signing certificate specified in your Mail & Newsgroup Account Settings, or the certificate has expired." (I found this info, but there is no info on Pure OS, just OpenSUSE: https://kamarada.github.io/en/2019/07/02/sending-digitally-signed-emails-with-thunderbird/) Does anybody know how to fix this problem? (I'm a Linux newbie...)

"Sending of the message failed. You specified that this message should be digitally signed, but the application either failed to find the signing certificate specified in your Mail & Newsgroup Account Settings, or the certificate has expired." (I found this info, but there is no info on Pure OS, just OpenSUSE: https://kamarada.github.io/en/2019/07/02/sending-digitally-signed-emails-with-thunderbird/) Does anybody know how to fix this problem? (I'm a Linux newbie...)

由Matt于修改

被采纳的解决方案

You specified that this message should be digitally signed, but the application either failed to find the signing certificate specified in your Mail & Newsgroup Account Settings, or the certificate has expired.

The error message suggests you're trying to use S/MIME for signing, which would require a certificate.

Enigmail actually does both, OpenPGP, and S/MIME. So you'll have to make sure to choose OpenPGP encryption and signing, as your post above suggests this is what you're actually trying to do. This can be specified in your Account Settings, or on the fly via the Enigmail menu item in a compose window. You'll also need to specify which keypair shall be used for encryption and signing in your Account Settings.

Presumably with the new Thunderbird installation on the laptop you've been using Enigmail PEP mode, which would explain why a new keypair was created automatically. This is particularly annoying when a keypair already exists. Therefore I'd suggest to disable PEP in your Enigmail settings.

定位到答案原位置 👍 0

所有回复 (7)

more options

It really doesn't matter what flavor of Linux you're using.

Do you actually have a cert and a private key, and did you import your cert (and private key) into Thunderbird's certificate store?

more options

Yes, I did, I installed Thunderbird and by doing so, I got a new key, but I also installed my old key and the keys I have from people I know. Could these two keys I have now create problems? I didn't know how to avoid creating a new one. I found out right now that I can sign and encrypt mails with very few people, but in most cases I get the error message...

more options
I installed Thunderbird and by doing so, I got a new key

You certainly don't get a new key by just installing Thunderbird. You do need a CA (Certificate Authority) to issue a new cert for your email address.

I also installed my old key and the keys I have from people I know.

It would probably be a good idea if you explain in more detail what exactly you did. Screenshots will help. https://support.mozilla.org/kb/how-do-i-create-screenshot-my-problem

I found out right now that I can sign and encrypt mails with very few people, but in most cases I get the error message...

That doesn't really make sense. In order to sign a message all you need is your private key. Why this would work for some recipients but not for others, I have no idea, and I somehow doubt that this is the case. It would either work, or not at all, regardless of the recipient.

more options

Thank you for asking and trying to help me with this problem! I have a new laptop and I installed Thunderbird the same way I did before on my old computer, and I made the whole set-up for Enigmail as I did on my old computer. Probably, that's why I have two keys for the same e-mail address now. I then realized that I couldn't read the old encrypted messages anymore and remembered that I had saved the keys on a USB stick. I imported them and realized that my e-mail address had two different keys now, the old one and the new one. I thought I can simply delete the new one, but this caused problems, and I imported it again (had saved it before on the stick). I can reply to the old encrypted mails with encryption and signature, but I can't sign new mails. Do you know what might have happened based on this description? Thank you!!

more options

P.S.: I found out that I can send encrypted and signed e-mails with the new signature, but I can't sent messages I only sign...

more options

选择的解决方案

You specified that this message should be digitally signed, but the application either failed to find the signing certificate specified in your Mail & Newsgroup Account Settings, or the certificate has expired.

The error message suggests you're trying to use S/MIME for signing, which would require a certificate.

Enigmail actually does both, OpenPGP, and S/MIME. So you'll have to make sure to choose OpenPGP encryption and signing, as your post above suggests this is what you're actually trying to do. This can be specified in your Account Settings, or on the fly via the Enigmail menu item in a compose window. You'll also need to specify which keypair shall be used for encryption and signing in your Account Settings.

Presumably with the new Thunderbird installation on the laptop you've been using Enigmail PEP mode, which would explain why a new keypair was created automatically. This is particularly annoying when a keypair already exists. Therefore I'd suggest to disable PEP in your Enigmail settings.

more options

Thank you very much! I managed to adjust my Account Settings, the only thing I couldn't find is where to disable PEP. But I've chosen to always use the new key and it's working now. Thank you again for your help!