Re: [Djigzo users] There are no valid S/MIME encryption certificates for the recipient
Martijn, I had installed djigzo about 5 years ago and ran that until about 4 months ago when I wanted to try PGP signatures and upgraded to ciphermail (that process was fantastic BTW!). Could it have been using those certificates in djigzo? I believe I used to use this certificates as I used to encrypt. As always, thank you for your awesome program and all of your help! Dale -Original Message- From: Martijn Brinkers [mailto:mart...@ciphermail.com] Sent: Tuesday, November 21, 2017 3:17 PM To: de Longpre, Dale; users@lists.djigzo.com Subject: Re: [Djigzo users] There are no valid S/MIME encryption certificates for the recipient On 21-11-17 21:10, de Longpre, Dale wrote: > For my test address I have 3 certificates, they all show in a white > background, they have different validity dates and are all in range. > The key usage on them digitalSignature, extended emailProtection, > clientAuth. A user that works has a couple like that but also one > cert with a usage of keyEncipherment and extended of emailProtection. > > I would have thought any of them would have worked. A certificate with a key usage of "digitalSignature, extended emailProtection, clientAuth" cannot be used for encryption only for digital signing. The key usage for encryption should either be empty or contain "keyEncipherment". Kind regards, Martijn Brinkers > -Original Message- From: Martijn Brinkers > [mailto:mart...@ciphermail.com] Sent: Tuesday, November 21, 2017 2:52 > PM To: users@lists.djigzo.com Cc: de Longpre, Dale Subject: Re: > [Djigzo users] There are no valid S/MIME encryption certificates for > the recipient > > On 21-11-17 20:42, de Longpre, Dale via Users wrote: >> As far as I can tell this just started to happen today. I thought no >> emails were being encrypted (all domain based or subject >> triggers) but it appears some are going through. All of the >> certificates for domain xyzzy.com come from the same place and when I >> look at them they all seem to be valid and similar. How can I tell >> why it isn't selecting a certificate? I have sent emails to these >> people in the past and it has worked. > > Can you check the following: > > 1. Open certificates view > > 2. filter on email address for which the system reports there is no > valid certificate (but there should be) > > 3. Check if the found certificates are valid, i.e., shown with a white > background. If the background is gray or red, click on the subject > field to view the certificate details. > > Kind regards, > > Martijn Brinkers > > >> 21 Nov 2017 08:42:33 | INFO There are valid S/MIME encryption >> certificates for the recipient(s); MailID: >> cbb2820b-75a5-4c00-9ddf-8eda62aea341; Recipients: >> [tim.t...@us.xyzzy.com] >> (mitm.application.djigzo.james.mailets.Default) [Spool Thread #3] >> >> 21 Nov 2017 09:09:41 | INFO There are no valid S/MIME encryption >> certificates for the recipient(s); MailID: >> e13bd596-ed8d-49e4-a99f-9027d26aec96; Recipients: >> [keyserv...@de.xyzzy.com]; >> (mitm.application.djigzo.james.mailets.Log) [Spool Thread #0] >> >> 21 Nov 2017 09:14:01 | INFO There are no valid S/MIME encryption >> certificates for the recipient(s); MailID: >> f2a3e321-ecc7-4746-aa45-0363872a10be; Recipients: >> [rb.trustcen...@de.xyzzy.com]; >> (mitm.application.djigzo.james.mailets.Log) [Spool Thread #1] >> >> 21 Nov 2017 10:05:26 | INFO There are no valid S/MIME encryption >> certificates for the recipient(s); MailID: >> 18462f58-9ffb-45cc-8d87-1bea8aa23270; Recipients: >> [manny@us.xyzzy.com]; >> (mitm.application.djigzo.james.mailets.Log) [Spool Thread #3] >> >> 21 Nov 2017 11:44:38 | INFO There are no valid S/MIME encryption >> certificates for the recipient(s); MailID: >> ba0c27df-02e7-452b-8545-6abc87df205f; Recipients: >> [manny@us.xyzzy.com]; >> (mitm.application.djigzo.james.mailets.Log) [Spool Thread #0] >> >> 21 Nov 2017 13:30:58 | INFO There are valid S/MIME encryption >> certificates for the recipient(s); MailID: >> 5d6fc5f7-c259-4ee0-8ef7-a3d7cfad4c4b; Recipients: >> [sar@us.xyzzy.com] >> (mitm.application.djigzo.james.mailets.Default) [Spool Thread #3] >> >> 21 Nov 2017 14:07:45 | INFO There are no valid S/MIME encryption >> certificates for the recipient(s); MailID: >> c237b9f6-36bc-412c-a3c4-406d261b19fe; Recipients: [d...@howdy.com]; >> (mitm.application.djigzo.james.mailets.Log) [Spool Thread #2] >> >> 21 Nov 2017 14:08:12 | INFO There are no valid S/MIME encryption >> certificates for the recipient(s); MailID: >>
Re: [Djigzo users] There are no valid S/MIME encryption certificates for the recipient
On 21-11-17 21:10, de Longpre, Dale wrote: For my test address I have 3 certificates, they all show in a white background, they have different validity dates and are all in range. The key usage on them digitalSignature, extended emailProtection, clientAuth. A user that works has a couple like that but also one cert with a usage of keyEncipherment and extended of emailProtection. I would have thought any of them would have worked. A certificate with a key usage of "digitalSignature, extended emailProtection, clientAuth" cannot be used for encryption only for digital signing. The key usage for encryption should either be empty or contain "keyEncipherment". Kind regards, Martijn Brinkers -Original Message- From: Martijn Brinkers [mailto:mart...@ciphermail.com] Sent: Tuesday, November 21, 2017 2:52 PM To: users@lists.djigzo.com Cc: de Longpre, Dale Subject: Re: [Djigzo users] There are no valid S/MIME encryption certificates for the recipient On 21-11-17 20:42, de Longpre, Dale via Users wrote: As far as I can tell this just started to happen today. I thought no emails were being encrypted (all domain based or subject triggers) but it appears some are going through. All of the certificates for domain xyzzy.com come from the same place and when I look at them they all seem to be valid and similar. How can I tell why it isn't selecting a certificate? I have sent emails to these people in the past and it has worked. Can you check the following: 1. Open certificates view 2. filter on email address for which the system reports there is no valid certificate (but there should be) 3. Check if the found certificates are valid, i.e., shown with a white background. If the background is gray or red, click on the subject field to view the certificate details. Kind regards, Martijn Brinkers 21 Nov 2017 08:42:33 | INFO There are valid S/MIME encryption certificates for the recipient(s); MailID: cbb2820b-75a5-4c00-9ddf-8eda62aea341; Recipients: [tim.t...@us.xyzzy.com] (mitm.application.djigzo.james.mailets.Default) [Spool Thread #3] 21 Nov 2017 09:09:41 | INFO There are no valid S/MIME encryption certificates for the recipient(s); MailID: e13bd596-ed8d-49e4-a99f-9027d26aec96; Recipients: [keyserv...@de.xyzzy.com]; (mitm.application.djigzo.james.mailets.Log) [Spool Thread #0] 21 Nov 2017 09:14:01 | INFO There are no valid S/MIME encryption certificates for the recipient(s); MailID: f2a3e321-ecc7-4746-aa45-0363872a10be; Recipients: [rb.trustcen...@de.xyzzy.com]; (mitm.application.djigzo.james.mailets.Log) [Spool Thread #1] 21 Nov 2017 10:05:26 | INFO There are no valid S/MIME encryption certificates for the recipient(s); MailID: 18462f58-9ffb-45cc-8d87-1bea8aa23270; Recipients: [manny@us.xyzzy.com]; (mitm.application.djigzo.james.mailets.Log) [Spool Thread #3] 21 Nov 2017 11:44:38 | INFO There are no valid S/MIME encryption certificates for the recipient(s); MailID: ba0c27df-02e7-452b-8545-6abc87df205f; Recipients: [manny@us.xyzzy.com]; (mitm.application.djigzo.james.mailets.Log) [Spool Thread #0] 21 Nov 2017 13:30:58 | INFO There are valid S/MIME encryption certificates for the recipient(s); MailID: 5d6fc5f7-c259-4ee0-8ef7-a3d7cfad4c4b; Recipients: [sar@us.xyzzy.com] (mitm.application.djigzo.james.mailets.Default) [Spool Thread #3] 21 Nov 2017 14:07:45 | INFO There are no valid S/MIME encryption certificates for the recipient(s); MailID: c237b9f6-36bc-412c-a3c4-406d261b19fe; Recipients: [d...@howdy.com]; (mitm.application.djigzo.james.mailets.Log) [Spool Thread #2] 21 Nov 2017 14:08:12 | INFO There are no valid S/MIME encryption certificates for the recipient(s); MailID: 9bebe358-6597-4819-b0e2-1aef3e01a3e3; Recipients: [d...@howdy.com]; (mitm.application.djigzo.james.mailets.Log) [Spool Thread #3] 21 Nov 2017 14:12:26 | INFO There are no valid S/MIME encryption certificates for the recipient(s); MailID: 54f21d50-bcf0-47d9-9e16-1e2cf8bdff5c; Recipients: [d...@howdy.com]; (mitm.application.djigzo.james.mailets.Log) [Spool Thread #2] Thanks, Dale ___ Users mailing list Users@lists.djigzo.com https://lists.djigzo.com/lists/listinfo/users -- CipherMail email encryption Email encryption with support for S/MIME, OpenPGP, PDF encryption and secure webmail pull. https://www.ciphermail.com Twitter: http://twitter.com/CipherMail -- CipherMail email encryption Email encryption with support for S/MIME, OpenPGP, PDF encryption and secure webmail pull. https://www.ciphermail.com Twitter: http://twitter.com/CipherMail ___ Users mailing list Users@lists.djigzo.com https://lists.djigzo.com/lists/listinfo/users
Re: [Djigzo users] There are no valid S/MIME encryption certificates for the recipient
For my test address I have 3 certificates, they all show in a white background, they have different validity dates and are all in range. The key usage on them digitalSignature, extended emailProtection, clientAuth. A user that works has a couple like that but also one cert with a usage of keyEncipherment and extended of emailProtection. I would have thought any of them would have worked. -Original Message- From: Martijn Brinkers [mailto:mart...@ciphermail.com] Sent: Tuesday, November 21, 2017 2:52 PM To: users@lists.djigzo.com Cc: de Longpre, Dale Subject: Re: [Djigzo users] There are no valid S/MIME encryption certificates for the recipient On 21-11-17 20:42, de Longpre, Dale via Users wrote: > As far as I can tell this just started to happen today. I thought no > emails were being encrypted (all domain based or subject triggers) but > it appears some are going through. All of the certificates for domain > xyzzy.com come from the same place and when I look at them they all > seem to be valid and similar. How can I tell why it isn't selecting a > certificate? I have sent emails to these people in the past and it > has worked. Can you check the following: 1. Open certificates view 2. filter on email address for which the system reports there is no valid certificate (but there should be) 3. Check if the found certificates are valid, i.e., shown with a white background. If the background is gray or red, click on the subject field to view the certificate details. Kind regards, Martijn Brinkers > 21 Nov 2017 08:42:33 | INFO There are valid S/MIME encryption > certificates for the recipient(s); MailID: > cbb2820b-75a5-4c00-9ddf-8eda62aea341; Recipients: > [tim.t...@us.xyzzy.com] > (mitm.application.djigzo.james.mailets.Default) [Spool Thread #3] > > 21 Nov 2017 09:09:41 | INFO There are no valid S/MIME encryption > certificates for the recipient(s); MailID: > e13bd596-ed8d-49e4-a99f-9027d26aec96; Recipients: > [keyserv...@de.xyzzy.com]; > (mitm.application.djigzo.james.mailets.Log) [Spool Thread #0] > > 21 Nov 2017 09:14:01 | INFO There are no valid S/MIME encryption > certificates for the recipient(s); MailID: > f2a3e321-ecc7-4746-aa45-0363872a10be; Recipients: > [rb.trustcen...@de.xyzzy.com]; > (mitm.application.djigzo.james.mailets.Log) [Spool Thread #1] > > 21 Nov 2017 10:05:26 | INFO There are no valid S/MIME encryption > certificates for the recipient(s); MailID: > 18462f58-9ffb-45cc-8d87-1bea8aa23270; Recipients: > [manny@us.xyzzy.com]; (mitm.application.djigzo.james.mailets.Log) > [Spool Thread #3] > > 21 Nov 2017 11:44:38 | INFO There are no valid S/MIME encryption > certificates for the recipient(s); MailID: > ba0c27df-02e7-452b-8545-6abc87df205f; Recipients: > [manny@us.xyzzy.com]; (mitm.application.djigzo.james.mailets.Log) > [Spool Thread #0] > > 21 Nov 2017 13:30:58 | INFO There are valid S/MIME encryption > certificates for the recipient(s); MailID: > 5d6fc5f7-c259-4ee0-8ef7-a3d7cfad4c4b; Recipients: > [sar@us.xyzzy.com] > (mitm.application.djigzo.james.mailets.Default) [Spool Thread #3] > > 21 Nov 2017 14:07:45 | INFO There are no valid S/MIME encryption > certificates for the recipient(s); MailID: > c237b9f6-36bc-412c-a3c4-406d261b19fe; Recipients: [d...@howdy.com]; > (mitm.application.djigzo.james.mailets.Log) [Spool Thread #2] > > 21 Nov 2017 14:08:12 | INFO There are no valid S/MIME encryption > certificates for the recipient(s); MailID: > 9bebe358-6597-4819-b0e2-1aef3e01a3e3; Recipients: [d...@howdy.com]; > (mitm.application.djigzo.james.mailets.Log) [Spool Thread #3] > > 21 Nov 2017 14:12:26 | INFO There are no valid S/MIME encryption > certificates for the recipient(s); MailID: > 54f21d50-bcf0-47d9-9e16-1e2cf8bdff5c; Recipients: [d...@howdy.com]; > (mitm.application.djigzo.james.mailets.Log) [Spool Thread #2] > > > Thanks, > > Dale > > ___ Users mailing list > Users@lists.djigzo.com https://lists.djigzo.com/lists/listinfo/users > -- CipherMail email encryption Email encryption with support for S/MIME, OpenPGP, PDF encryption and secure webmail pull. https://www.ciphermail.com Twitter: http://twitter.com/CipherMail ___ Users mailing list Users@lists.djigzo.com https://lists.djigzo.com/lists/listinfo/users
Re: [Djigzo users] There are no valid S/MIME encryption certificates for the recipient
On 21-11-17 20:42, de Longpre, Dale via Users wrote: As far as I can tell this just started to happen today. I thought no emails were being encrypted (all domain based or subject triggers) but it appears some are going through. All of the certificates for domain xyzzy.com come from the same place and when I look at them they all seem to be valid and similar. How can I tell why it isn't selecting a certificate? I have sent emails to these people in the past and it has worked. Can you check the following: 1. Open certificates view 2. filter on email address for which the system reports there is no valid certificate (but there should be) 3. Check if the found certificates are valid, i.e., shown with a white background. If the background is gray or red, click on the subject field to view the certificate details. Kind regards, Martijn Brinkers 21 Nov 2017 08:42:33 | INFO There are valid S/MIME encryption certificates for the recipient(s); MailID: cbb2820b-75a5-4c00-9ddf-8eda62aea341; Recipients: [tim.t...@us.xyzzy.com] (mitm.application.djigzo.james.mailets.Default) [Spool Thread #3] 21 Nov 2017 09:09:41 | INFO There are no valid S/MIME encryption certificates for the recipient(s); MailID: e13bd596-ed8d-49e4-a99f-9027d26aec96; Recipients: [keyserv...@de.xyzzy.com]; (mitm.application.djigzo.james.mailets.Log) [Spool Thread #0] 21 Nov 2017 09:14:01 | INFO There are no valid S/MIME encryption certificates for the recipient(s); MailID: f2a3e321-ecc7-4746-aa45-0363872a10be; Recipients: [rb.trustcen...@de.xyzzy.com]; (mitm.application.djigzo.james.mailets.Log) [Spool Thread #1] 21 Nov 2017 10:05:26 | INFO There are no valid S/MIME encryption certificates for the recipient(s); MailID: 18462f58-9ffb-45cc-8d87-1bea8aa23270; Recipients: [manny@us.xyzzy.com]; (mitm.application.djigzo.james.mailets.Log) [Spool Thread #3] 21 Nov 2017 11:44:38 | INFO There are no valid S/MIME encryption certificates for the recipient(s); MailID: ba0c27df-02e7-452b-8545-6abc87df205f; Recipients: [manny@us.xyzzy.com]; (mitm.application.djigzo.james.mailets.Log) [Spool Thread #0] 21 Nov 2017 13:30:58 | INFO There are valid S/MIME encryption certificates for the recipient(s); MailID: 5d6fc5f7-c259-4ee0-8ef7-a3d7cfad4c4b; Recipients: [sar@us.xyzzy.com] (mitm.application.djigzo.james.mailets.Default) [Spool Thread #3] 21 Nov 2017 14:07:45 | INFO There are no valid S/MIME encryption certificates for the recipient(s); MailID: c237b9f6-36bc-412c-a3c4-406d261b19fe; Recipients: [d...@howdy.com]; (mitm.application.djigzo.james.mailets.Log) [Spool Thread #2] 21 Nov 2017 14:08:12 | INFO There are no valid S/MIME encryption certificates for the recipient(s); MailID: 9bebe358-6597-4819-b0e2-1aef3e01a3e3; Recipients: [d...@howdy.com]; (mitm.application.djigzo.james.mailets.Log) [Spool Thread #3] 21 Nov 2017 14:12:26 | INFO There are no valid S/MIME encryption certificates for the recipient(s); MailID: 54f21d50-bcf0-47d9-9e16-1e2cf8bdff5c; Recipients: [d...@howdy.com]; (mitm.application.djigzo.james.mailets.Log) [Spool Thread #2] Thanks, Dale ___ Users mailing list Users@lists.djigzo.com https://lists.djigzo.com/lists/listinfo/users -- CipherMail email encryption Email encryption with support for S/MIME, OpenPGP, PDF encryption and secure webmail pull. https://www.ciphermail.com Twitter: http://twitter.com/CipherMail ___ Users mailing list Users@lists.djigzo.com https://lists.djigzo.com/lists/listinfo/users