I have an S/MIME certificate
which works fine for signing, encrypting, and decrypting email
with Mac OS and iOS devices via CGP (this list won’t accept
signed email). I installed it into CGP 6.1.19 via webmail
Settings/Secure Mail (it’s also installed in the browser
used). When I send encrypted email via CGP webmail or Pronto,
the recipient email clients cannot read it:
- iOS Mail says “This
message is encrypted. Install a profile containing your
encryption identity to decrypt this message.” (The same
certificate is installed—the serial numbers and
dates match!)
- Thunderbird says: “The
sender encrypted this message to you using one of your
digital certificates, however Thunderbird was not able to
find this certificate and corresponding private key.”
(Again, it is installed in Thunderbird, and the
serial numbers and dates match.)
- CGP Webmail and Pronto
both can unlock and display the email’s encrypted text, but
flag the signature in red: “Content Unaltered as verified
By: presented certificate is issued
by an unknown authority: <gib@gibhenry.com>”.
Curiously, the issuing authority is the same one that issued
the domain SSL certificate (Comodo). They’re all current.
- Mac OS and iOS devices
also cannot read the CGP-originated copy in Sent Items, but
CGP webmail and Pronto can.
- Email sent from me to me
in Thunderbird is decrypted and readable in both T’bird and
CGP; the reply from CGP is not readable in T’bird.
- Email only signed from CGP shows
as validly signed in Thunderbird, so evidently the
certificate is working correctly.
I have uninstalled and
reinstalled twice, and have ensured that the Comodo chain is
complete.
Two questions:
- Is this problem more
likely to lie with CGP, or elsewhere?
- If it’s my key, and it’s
installed, why can’t the email client find it in messages
via webmail and Pronto, but can find it in messages
via other iOS and Mac OS clients?
Thanks in advance for any
insight you can offer. Cheers,
|