0

I have been playing around with sending encrypted email with S/MIME. I am using our server certificate, which is registered with GoDaddy.com and is valid until 2016. When the end user receives the email the first time, our certificate path does not show that it goes back to GoDaddy.com, and the user must add our cert as the Trust Authority. Is this normal or am I doing something wrong?

Greg

user1091524

2 Answers

0

You must use recipient's certificate for encryption, not sender's. What you are doing doesn't make sense in S/MIME.

Eugene Mayevski 'Callback
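
The point made in the answer above, as an added example that is not part of the original posts: the message is encrypted to the recipient's certificate, so only the recipient's private key can open it. It assumes the `openssl` CLI is installed; the self-signed certificates, the `example.test` addresses and the function names are constructed for the demo.

```shell
#!/usr/bin/env bash
# Added example; all keys, certificates and addresses are constructed throwaways.

# make_identity DIR NAME: self-signed cert + key standing in for NAME's S/MIME cert.
make_identity() {
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
    -subj "/CN=$2/emailAddress=$2@example.test" \
    -keyout "$1/$2.key" -out "$1/$2.crt" 2>/dev/null
}

# try_decrypt DIR NAME: succeeds only if NAME's private key opens the message.
try_decrypt() {
  openssl smime -decrypt -in "$1/msg.p7m" -recip "$1/$2.crt" \
    -inkey "$1/$2.key" -out "$1/$2.out" 2>/dev/null &&
    grep -q 'constructed test message' "$1/$2.out"
}

# smime_roundtrip: prints "recipient=<ok|fail> sender=<ok|fail>".
smime_roundtrip() {
  local dir r=fail s=fail
  dir=$(mktemp -d) || return 1
  make_identity "$dir" sender || return 1
  make_identity "$dir" recipient || return 1
  printf 'constructed test message\n' > "$dir/msg.txt"
  # Encryption takes only the RECIPIENT's certificate (their public key);
  # the sender's certificate and key play no part in this step.
  openssl smime -encrypt -aes256 -in "$dir/msg.txt" -out "$dir/msg.p7m" \
    "$dir/recipient.crt" || return 1
  if try_decrypt "$dir" recipient; then r=ok; fi
  # The sender holds no key listed in the message's recipient info.
  if try_decrypt "$dir" sender; then s=ok; fi
  rm -rf "$dir"
  echo "recipient=$r sender=$s"
}

smime_roundtrip
```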

0

You appear to be talking about SMTP communication between 2 email servers. That has nothing to do with email clients (like Outlook or Thunderbird). Certificates that encrypt traffic between servers are installed differently depending on the email server type. Verifying the certificate is best done from another computer using the command line and the openssl command. Server SMTP certificates (on ports 25/465/587) do not encrypt traffic between server and client.

The Thunderbird email client has very easy to use email encryption these days. It can generate the private/public keys that you use to send and receive encrypted emails.

The server has nothing to do with those keys or encryption. It is purely a client2client function. Both parties must have proper keys (i.e. you must somehow send your public key first to the person you intend to send encrypted emails to).

I usually include my public key in every message by default.

SamTzu