Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [smime]

S/MIME is a protocol for signing and/or encrypting emails using certificates

35 questions
1
vote
1 answer

Email signing using commercial SSL certificate

I am considering securing my work environment with certificates and thus have a couple of questions. My Active Directory domain is domain.com. If I buy a commercial wildcard SSL certificate from i.e. COMODO is it possible to create S/MIME user…
badboy
  • 81
  • 6
1
vote
1 answer

Verifying S/MIME signed message with OpenSSL without checking the certificate's purpose

The problem: When I sign a message with a certificate which is used for a HTTPS webserver, OpenSSL does not want to verify it back. Signing a message: echo "TestMessage" | openssl smime \ -sign \ -inkey server-key.pem \ -signer…
ZeWaren
  • 125
  • 1
  • 9
1
vote
2 answers

openssl smime message signing: why do I need a -certfile key?

Here is how one should sign a message with openssl smime? according to the docs openssl smime -sign -in in.txt -text -out mail.msg -signer mycert.pem \ -inkey mykey.pem -certfile mycerts.pem But why is there a -signer key with a certificate --…
Vadim Samokhin
  • 121
  • 6
1
vote
1 answer

How can I limit the SMIME capabilities from a CA without using FIM?

These instructions describe how to prevent using SMIME with weak ciphers, however it requires an expensive product from Microsoft. How can I prevent a CA from issuing SMIME certificates that permit the weak ciphers from being used?
makerofthings7
  • 8,911
  • 34
  • 121
  • 197
1
vote
1 answer

Possible to make SMIME signatures not appear as an attachment? (e.g. in Gmail)

We are using SMIME across our organisation and are getting complaints that the SMIME signature is appearing as an attachment in various email clients. (gmail) Is there any way to edit the SMTP envelope or data so that it doesn't look like an…
makerofthings7
  • 8,911
  • 34
  • 121
  • 197
1
vote
1 answer

Secure e-mail with SMTP Virtual Server in Windows 2008

Is it possible to send encrypted and digitally signed e-mail messages using S/MIME through the SMTP Virtual Server component included in Windows Server 2008 or do I have to use Exchange? If it is, what are the configuration settings required to make…
Enrico Campidoglio
  • 133
  • 1
  • 5
1
vote
2 answers

What is the best practice to handle expiring S/MIME mail certificates

where can I find info regarding the proper way to handle expiring mail certificates? Here's the problem: our certificates for digitally signing mails expire after a year. If, a week before expiry, I revoke a certificate and create a new one,…
Jürgen Depicker
  • 11
  • 1
0
votes
1 answer

Do expired, revoked, self-signed S/MIME certificates trigger email SPAM filters or affect mail delivery?

For example, I have an expired or revoked S/MIME certificate. Can I sign or can the recipient encrypt a message with it? Will an email client allow it? If it is possible, will the message be rejected by SPAM filters? And what about the messages…
t7e
  • 161
  • 1
  • 7
0
votes
1 answer

Is the private key for S/MIME certificates generated on the CA servers or in the browser?

I heard that some certificate authorities generate your private key for S/MIME certificates on their servers. However, some of them who recommend using Internet Explorer for this purpose, probably, generate the private key directly in your browser…
t7e
  • 161
  • 1
  • 7
0
votes
1 answer

How is outgoing email encrypted by S/MIME certificates?

After several hours of surfing the internet, I failed to find any comprehensive guide on how to encrypt the email between two users using the S/MIME certificate. In parallel with SSL certificates: the server sends the public key to the browser, the…
t7e
  • 161
  • 1
  • 7
0
votes
1 answer

Outlook sMIME certificates location, errors, and background work

We have an situation. Our customer can get sMIME encrypted mails and reply to that email. But when he wants to send it with new email he is getting an error message as if the recipient email does not have an public key. So we have checked the…
CanBuyukburc
  • 13
  • 1
  • 6
0
votes
1 answer

Cannot recover backup made with `openssl smime`

My (only) database server went down and I am in the process of recovering everything. I created a new server and now I just want to restore the database backup. I have a nightly script that runs this command to create an encrypted backup: pg_dump…
KNejad
  • 101
  • 3
0
votes
1 answer

Digital Signature is not valid

I recently received a digital signed email from a friend and the certificate is issued by COMODO RSA Client Authentication and Secure Email. My problem is the thunderbird detect it as a "Not Valid Signature" I double checked the CA Authorities on…
shiroyashaa
  • 1
0
votes
1 answer

What are the best practices for providing S/MIME-Certificates in Outlook?

I got some questions regarding S/MIME in Outlook and certificates in general. Some questions arrised about the possibility to digitally sign emails in my company. As I'm new to the topic I had to do some research first. I found out that you can use…
flos12
  • 3
  • 2
0
votes
1 answer

Scan S/MIME Encrypted Email on Exchange Server

We have a copy of each user's S/MIME encryption (well, decryption) private keys as well as their certificate centrally managed in an HSM. We want to configure Exchange to automatically decrypt any encrypted emails sent by our employees or to our…
Hmmmmm
  • 113
  • 5
1
2
3