Closed
Bug 292840
Opened 19 years ago
Closed 15 years ago
cannot send a signed and encrypted mail although the certificates are imported
Categories
(MailNews Core :: Security: S/MIME, defect, P2)
Tracking
(Not tracked)
RESOLVED
WORKSFORME
mozilla1.8.1
People
(Reporter: hp, Assigned: KaiE)
References
Details
(Whiteboard: [kerh-coa])
Attachments
(4 files)
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; hu-HU; rv:1.7.6) Gecko/20050318 Firefox/1.0.2 Build Identifier: Thunderbird/1.0.2 (20050317) I made a certification authority and authorized keys for all my fellow workers. Everyone imported his key for signing and all the others' keys for encrypting the mails. All of us also have imported the CA and its (also self-made) root CA certificates. Everything is ok (all the certificates are considered valid, we can send signed and/or encrypted mails to each other) until the next start of Thunderbird. After a restart, the program cannot encrypt the messages, because it says there is no suitable certificate for it. When I open the "manage certificates" panel, all the certs are there. After closing the panel, everything _works again_. Reproducible: Always Steps to Reproduce: 1.start Thunderbird 2.try to send encrypted mail -> error message 3.open "manage certs" panel 4.close it 5.everything works fine until next restart Actual Results: After step 2.: (the error messages, depending on what did I want to do with it - encrypt or sign - doing both gives the encryption error msg) "Sending of message failed. Unable to sign message. Please check that... ...are valid and trusted." -or- "Sending of message failed. You specified encryption... ...application falied to find an encryption certificate for [my_email_address]." Expected Results: The mail should have been sent without errors.
Comment 1•19 years ago
|
||
We're seeing certificates work here, would help if you attached you CA cert and one of the signing certs (make up a dummy) to this bug.
Assignee: dveditz → bienvenu
(In reply to comment #0) I see a bug very similar to this in Linux (build 20050317) with self-made certificates, but only if the FIPS mode is enabled. I only get the error that it cannot find the certifictate for <recipient address>, not the "check...valid and trusted" one. This is when trying to send an encrypted email. If I go to Preferences -> Advanced -> Manage Security Devices and log into the software security device (PSM Internal FIPS-140-1 Cyryptogr...), then the encrypted message sends just fine. Alternatively, if I open a signed email from <recipient> (which I have saved for this purpose), it prompts for the master password for the security device and logs me into it. Then I can switch back to my compose window and send the encrypted mail without error. A related issue I have come across is that you can't edit the trust settings for my homemade certificate authority unless you are logged into the FIPS security device. Instead of an error, though, pressing "ok" does nothing. I can only use the "cancel" or "help" buttons. When logged into the FIPS security device, the "ok" button works. Again, with FIPS mode disabled, I don't see this issue. My certificates have worked normally from Netscape 4.x through Mozilla 1.7 and in Thunderbird as long as FIPS mode is disabled. I thought perhaps the original reporter should had to log into the security device to open the "manage certificates" panel, which is probably why his issue is resolved after that. But I can open the panel without entering a password, only the status of both my and others' certifiates are "unknown" and when I view them, it says "this certificate could not be verified for unknown reasons." Again, logging into the security device corrects the problem.
Comment 3•19 years ago
|
||
This is an automated message, with ID "auto-resolve01". This bug has had no comments for a long time. Statistically, we have found that bug reports that have not been confirmed by a second user after three months are highly unlikely to be the source of a fix to the code. While your input is very important to us, our resources are limited and so we are asking for your help in focussing our efforts. If you can still reproduce this problem in the latest version of the product (see below for how to obtain a copy) or, for feature requests, if it's not present in the latest version and you still believe we should implement it, please visit the URL of this bug (given at the top of this mail) and add a comment to that effect, giving more reproduction information if you have it. If it is not a problem any longer, you need take no action. If this bug is not changed in any way in the next two weeks, it will be automatically resolved. Thank you for your help in this matter. The latest beta releases can be obtained from: Firefox: http://www.mozilla.org/projects/firefox/ Thunderbird: http://www.mozilla.org/products/thunderbird/releases/1.5beta1.html Seamonkey: http://www.mozilla.org/projects/seamonkey/
Comment 4•19 years ago
|
||
This bug has been automatically resolved after a period of inactivity (see above comment). If anyone thinks this is incorrect, they should feel free to reopen it.
Status: UNCONFIRMED → RESOLVED
Closed: 19 years ago
Resolution: --- → EXPIRED
Comment 5•19 years ago
|
||
I don't know if it'll do any good, but I'm reopening.
Status: RESOLVED → UNCONFIRMED
Resolution: EXPIRED → ---
Updated•19 years ago
|
Status: UNCONFIRMED → NEW
Ever confirmed: true
Comment 6•18 years ago
|
||
the CA cert is at http://people.freenet.de/jena/cacert.crt
Comment 7•18 years ago
|
||
if there is an expired Other People's eMail signing certificate and a valid for the same eMail address, ?sometimes? I was not able to send encrypted eMail. In fact I couldn't destingish if it is SeaMonky1.0 that cases the problem or the new certificates because the events changing from SeaMonkey beta to 1.0 and new certificates overlap, but the first mail after I got the new certificate with User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.1) Gecko/20060130 SeaMonkey/1.0 , there were no problems with this. But now, and after I deleted the expired certificate, too, I couldn't send encrypted eMail. My own certificate is valid and the CA certificate is valid, too, as is the recipients signature.
Comment 8•18 years ago
|
||
Perhaps yet another manifestation of bug 335021 ?
Assignee: bienvenu → kengert
Blocks: 107491
Component: Security → Security: S/MIME
Product: Thunderbird → Core
QA Contact: thunderbird
Version: unspecified → 1.8 Branch
Assignee | ||
Comment 9•18 years ago
|
||
If you can, please try a nightly build from latest-mozilla1.8 and test whether behaviour has improved. Thanks!
Comment 10•18 years ago
|
||
tried with 2006052909 but this doesn't help. I tried sending encrypted on different PCs, W98, ME, XP and could reproduce that it was exactly one (the first) time possible to send encrypted with the SeaMonkey release version but never after with the same key ("application failed to find certificate" but it is present in Peoples Certificates) The root CA certificate moved from Authorities where it resides in the session I installed it for eMail signing and encryption to Your Certificates after the next SeaMonkey restart!
Assignee | ||
Comment 11•18 years ago
|
||
needs analysis of the attached cert
Severity: minor → normal
Priority: -- → P2
Whiteboard: [kerh-coa]
Target Milestone: --- → mozilla1.8.1
Updated•17 years ago
|
QA Contact: s.mime
Comment 12•17 years ago
|
||
I finally upgraded to 2.0.0.6 (OSX 10.4.10), and it lost my certs. I reimported one, and it still thinks it's not there, even after restarting. Attaching screenshots. Oh, and it *still* tries to save drafts signed, which is *completely* the wrong thing to do.
Comment 13•17 years ago
|
||
Comment 14•17 years ago
|
||
Comment 15•17 years ago
|
||
Comment 16•17 years ago
|
||
Fixed by going back into preferences and reselecting the certificate.
Comment 17•15 years ago
|
||
This is pretty old and I have not seen this issue. Please reopen if you can reproduce with TB3.
Status: NEW → RESOLVED
Closed: 19 years ago → 15 years ago
Resolution: --- → FIXED
Updated•14 years ago
|
Resolution: FIXED → WORKSFORME
You need to log in
before you can comment on or make changes to this bug.
Description
•