Hi, I'm using Mutt for some time and It is great! I have a number of cert/priv.keys already. All are imported into my store under the label "zito". All certs are one year validity.
zito@bobek:~/.keystore$ smime_keys list|fgrep zito 243f80ec.0: Issued for: vaclav.ov...@i.cz "zito" (Expired) Subject: Ovs\xEDk V\xE1clav (zito) 243f80ec.1: Issued for: vaclav.ov...@i.cz "zito" (Expired) Subject: Ovs\xEDk V\xE1clav (zito) 243f80ec.2: Issued for: vaclav.ov...@i.cz "zito" (Expired) Subject: Ovs\xEDk V\xE1clav (zito) 243f80ec.3: Issued for: vaclav.ov...@i.cz "zito" (Expired) Subject: Ovs\xEDk V\xE1clav (zito) 243f80ec.4: Issued for: vaclav.ov...@i.cz "zito" (Trusted) Subject: Ovs\xEDk V\xE1clav (zito) 243f80ec.5: Issued for: vaclav.ov...@i.cz "zito" (Trusted) Subject: Ovs\xEDk V\xE1clav (zito) 243f80ec.6: Issued for: vaclav.ov...@i.cz "zito" (Trusted) Subject: Ovs\xC3\xADk V\xC3\xA1clav (zito) zito@bobek:~/.keystore/cert$ for x in 243f80ec.*; do echo -n "$x: "; openssl x509 -enddate -noout -in $x; done 243f80ec.0: notAfter=Feb 17 09:42:25 2009 GMT 243f80ec.1: notAfter=Jan 29 13:43:16 2011 GMT 243f80ec.2: notAfter=Jan 24 13:19:51 2012 GMT 243f80ec.3: notAfter=Feb 9 07:42:37 2010 GMT 243f80ec.4: notAfter=Jan 16 07:16:55 2013 GMT 243f80ec.5: notAfter=Jan 17 12:05:54 2014 GMT 243f80ec.6: notAfter=Nov 12 14:08:37 2014 GMT There are problems: 1) The only valid cert is the last (243f80ec.6), all previous are Expired. Some certs was valid in the time of its import (243f80ec.{4,5}). - What should I do, to refresh the validity in the .index file? ...of course I can change `t' to `e' by hand :), but I hope this is not the intention. 2) When I receive an encrypted message, Mutt asks me what key to use to decrypt a message and the keys it offers are in strange order. For example I hit the enc. message and the Mutt asks: Use ID 243f80ec.1 for vaclav.ov...@i.cz ? ([no]/yes): Use ID 243f80ec.2 for vaclav.ov...@i.cz ? ([no]/yes): Use ID 243f80ec.3 for vaclav.ov...@i.cz ? ([no]/yes): Use ID 243f80ec.4 for vaclav.ov...@i.cz ? ([no]/yes): Use ID 243f80ec.5 for vaclav.ov...@i.cz ? ([no]/yes): Use ID 243f80ec.6 for vaclav.ov...@i.cz ? ([no]/yes): Use ID 243f80ec.0 for vaclav.ov...@i.cz ? ([no]/yes): Enter keyID for vaclav.ov...@i.cz: ...and finally the list of all So this is a bit torture, especially in the case, some colleague send me a message encrypted with the already expired keys. 3) The above problem applies to archive of old messages. I'm not able to guess what key to use for several year old message and I simply tries everyone. Is it possible to configure Mutt to try every key from store to decrypt message without asking in the case the pass-phrase is the same for all keys? Best Regards -- Zito