This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Buscar en Ayuda

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

S/MIME Problem

  • 3 respuestas
  • 3 tienen este problema
  • 1 visita
  • Última respuesta de Thomas

more options

I have a problem with the 102.3.1 release. I have several email accounts with S / MIME certificates set up but for signing only, if I want to encrypt my messages then I manually select encrypt. The problem is that the OpenPGP option is selected by default in the compose window and I am not able to set it to be S / MIME by default. In the account settings in the end-to-end encryption tab, I have the certificates read and the option of signing unencrypted messages selected. Unfortunately, when I try to send a message, I get a message that encryption has not yet been set up for this account. After switching from the options menu to S / MIME, a message signed with the S / MIME certificate is sent correctly. In the settings, I have the option checked so that the program will automatically select an option based on the keys, but it doesn't, I also can't rearrange the options so that the S / MIME option is preferred, the functions are checked but impossible to edit. Please help.

I have a problem with the 102.3.1 release. I have several email accounts with S / MIME certificates set up but for signing only, if I want to encrypt my messages then I manually select encrypt. The problem is that the OpenPGP option is selected by default in the compose window and I am not able to set it to be S / MIME by default. In the account settings in the end-to-end encryption tab, I have the certificates read and the option of signing unencrypted messages selected. Unfortunately, when I try to send a message, I get a message that encryption has not yet been set up for this account. After switching from the options menu to S / MIME, a message signed with the S / MIME certificate is sent correctly. In the settings, I have the option checked so that the program will automatically select an option based on the keys, but it doesn't, I also can't rearrange the options so that the S / MIME option is preferred, the functions are checked but impossible to edit. Please help.

Todas las respuestas (3)

more options

What is the status of the OpenPGP part in the End-To-End Encryption setup?

Is there an OpenPGP key available for the same account?

more options

Hello Folks, currently I have the same problem with Thunderbird 102.3.1 (64-bit). I use S/MIME for all existing accounts (and identities), but PGP only for a single identity. Nevertheless, when composing a message (in any identity), PGP is always preset as the encryption mode.

So far I could only solve this by creating an PGP key for each identity and then setting S/MIME as preferred method in the identity's account settings. This is absolutely not effective and very error-prone. It would be desirable to be able to specify which encryption mode is mandatory, regardless of whether a PGP key or S/MIME certificate is available.

best regards

more options

I see the same behaviour with an account using S/MIME. Interestingly, there seems to have been a triggering event for this, as it worked fine until recently (and still works fine with Thunderbird on my other machine; both 128.8.0).

It started after sending an email via another account in the same profile and failure to retrieve the associated PGP key as it was stored on a not plugged-in Yubikey. After this event, the S/MIME account started to default to OpenPGP despite no PGP key being associated with it.

The hotfix mentioned above resolves this behaviour, but only as long as a PGP key remains associated to the S/MIME account. Manually setting mail.identity.idX.encryptionpolicy = 1 alone doesn't help.

Modificadas por Thomas el