Closed
Bug 1366630
Opened 7 years ago
Closed 7 years ago
Mail signing with certificate fails in 52.1.1
Categories
(Thunderbird :: Security, defect)
Tracking
(Not tracked)
RESOLVED
DUPLICATE
of bug 1366228
People
(Reporter: ag.moz, Unassigned)
Details
User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:53.0) Gecko/20100101 Firefox/53.0 Build ID: 20170504105526 Steps to reproduce: 1. Get a certificate from StartCom for email signing 2. Import it into Thunderbird 3. Create a new email message using the above email with digital signing enabled 4. Send it Issuer: CN = StartCom Class 1 Client CA OU = StartCom Certification Authority O = StartCom Ltd. C = IL Certificate Key Usage: Critical Signing Key Encipherment Extended Key Usage: Not Critical TLS Web Client Authentication (1.3.6.1.5.5.7.3.2) E-mail protection (1.3.6.1.5.5.7.3.4) Authority Information Access: Not Critical OCSP: URI: http://ocsp.startssl.com CA Issuers: URI: http://aia.startssl.com/certs/sca.client1.crt Actual results: Mail fails to send, following error message appears: Sending of the message failed. Unable to sign message. Please check that the certificates specified in Mail & Newsgroups Account Settings for this mail account are valid and trusted for mail. Also, in about:config, the mail.identity.idxx.encryption_cert_dbkey mail.identity.idxx.signing_cert_dbkey values are removed for the account. Expected results: Mail successfully sends
Updated•7 years ago
|
Component: Untriaged → Security
Comment 1•7 years ago
|
||
Yep. StartCom certificates no longer work, see bug 1366228 and https://blog.mozilla.org/security/2016/10/24/distrusting-new-wosign-and-startcom-certificates/ Also, bug 1364339.
Status: UNCONFIRMED → RESOLVED
Closed: 7 years ago
Resolution: --- → DUPLICATE
Comment 2•7 years ago
|
||
I have the same problem, my certificate was free issued by Comodo. This year is a RSA certificate, the old cert was SHA something. And it is not working too. The error message is the same. I have this problem with 2 accounts/2 certificates. Portuguese Message (for reference): Não foi possível salvar sua mensagem como rascunho. Não foi possivel assinar a mensagem. Por favor, certifique-se de que os certificados especificados nas opções de “Configurar contas” para esta conta são válidos e considerados confiáveis. Sending of the message failed. Unable to sign message. Please check that the certificates specified in Mail & Newsgroups Account Settings for this mail account are valid and trusted for mail.
You need to log in
before you can comment on or make changes to this bug.
Description
•