[Alpine-info] Signing with S/MIME.

Eduardo Chappa alpine.chappa at yandex.com
Sat Nov 18 20:48:23 PST 2023

Previous message: [Alpine-info] Signing with S/MIME.
Next message: [Alpine-info] Signing with S/MIME.
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sun, 19 Nov 2023, Carlos E. R. wrote:

>> -----------------------------

>> Manage your own certificates

>> -----------------------------

>>

>> Manage Public Certificates

>> Manage Private Keys

>> Manage Certificate Authorities

>

> I assume these three are for self signed certificates, so they don't

> apply to me.

They apply to any certificates or keys that you wish to import, so they do
apply to you.

>>> MAIL at ADDRESS.key -> ~/.alpine-smime/private/

>>> MAIL at ADDRESS.crt -> ~/.alpine-smime/public/

>>> certificate-ca.crt -> ~/.alpine-smime/ca/ (is this name correc?)

>>

>> copy MAIL at ADDRESS.crt to ~/.alpine-smime/ca/ also.

>

> Ah. Done. But doesn't help.

Have you run alpine with debug to see what more information you can get
out of the debug?

>> Do you mind sharing "ls -lR ~/.alpine-smime" with me if this does not

>> work?

>

> Sure, will mail that in private after this mail.

Thank you. I got it. It all looks good.

> Thanks, but still not there...

>

> For the record, it fails also in Thunderbird, but in Alpine I don't know

> yet if I have it configured properly.

Yes, your Alpine is configured correctly. All your permissions are set
correctly. Although your certificates have information in them that is not
part of the key or certificate, that information does not matter because
it is ignored when the certificate is processed, so I am not sure what
your problem is.

> same error code as this bug:

> <https://bugzilla.mozilla.org/show_bug.cgi?id=1756413>

> It seems RSA-PSS certificates are not supported.

>

> There's also this:

> <https://bugzilla.mozilla.org/show_bug.cgi?id=1364339>

Not my expertise here, but reading man pages, it looks like RSA-PSS uses
pkcs#8, while s/mime uses pkcs#7.

https://www.openssl.org/docs/man1.1.1/man7/RSA-PSS.html

https://en.wikipedia.org/wiki/PKCS

I can't imagine these are good news for you. Let me interpret this in a
different way. It looks like the purpose of your certificate is not for
s/mime, hence it is not surprising it fails. Since I am not the expert
here, I'd love to be corrected.

--
Eduardo

Previous message: [Alpine-info] Signing with S/MIME.
Next message: [Alpine-info] Signing with S/MIME.
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Alpine-info mailing list