This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Does Thunderbird automatically encrypt messages to sender's certificate too?

  • 4 replies
  • 2 have this problem
  • 13 views
  • Last reply by vskivanov

more options

I'm trying to set up mail encryption with own CA. For the tests I've created a CA self signed certificate and issued two user certificates - for the user Sender with mail sender@... and for the user Recipient - recipient@... In Thunderbird I've created both mail accounts and imported Senders .p12 certificate file including it's private key and Recipient certificate - just it's public key. Then I send an encrypted message to recipient account from the senders one and message arrives in recipient Inbox plaintext readable without having recipient private key imported into certificate store, just the senders one. When senders private key is removed from store, message becomes unreadable. Same thing happens when using Token instead of importing sender's .p12 certificate into certificate store. So my question is - does Thunderbird automatically encrypts messages with senders certificate together with recipients one? Thank you!

Regards, Vasko Ivanov

I'm trying to set up mail encryption with own CA. For the tests I've created a CA self signed certificate and issued two user certificates - for the user Sender with mail sender@... and for the user Recipient - recipient@... In Thunderbird I've created both mail accounts and imported Senders .p12 certificate file including it's private key and Recipient certificate - just it's public key. Then I send an encrypted message to recipient account from the senders one and message arrives in recipient Inbox plaintext readable without having recipient private key imported into certificate store, just the senders one. When senders private key is removed from store, message becomes unreadable. Same thing happens when using Token instead of importing sender's .p12 certificate into certificate store. So my question is - does Thunderbird automatically encrypts messages with senders certificate together with recipients one? Thank you! Regards, Vasko Ivanov

Chosen solution

Yes, Thunderbird encrypts the message to both, the senders, and the recipients key. Otherwise you (the sender) wouldn't be able to read the copy of the sent message in your Sent folder.

Read this answer in context 👍 2

All Replies (4)

more options

You need to tell Thunderbird to encrypt the message (to the recipients key). In the Compose window there should be a S/MIME menu button in the Mail Composition Toolbar.

more options

Hi and thank you for your reply. As I said - I do encrypt the messages. And this is why I'm asking if Thunderbird automatically encrypts messages with senders key together with recipients one. Thank you again for your help.

more options

Chosen Solution

Yes, Thunderbird encrypts the message to both, the senders, and the recipients key. Otherwise you (the sender) wouldn't be able to read the copy of the sent message in your Sent folder.

more options

Great, thank you! What I thought, but needed to confirm it's not just a local security issue.