Vanwege onderhoudswerkzaamheden die uw ervaring zouden moeten verbeteren, heeft deze website beperkte functionaliteit. Als een artikel uw probleem niet verhelpt en u een vraag wilt stellen, kan onze ondersteuningsgemeenschap u helpen in @FirefoxSupport op Twitter en /r/firefox op Reddit.

Avatar for Username

Zoeken in Support

Vermijd ondersteuningsscams. We zullen u nooit vragen een telefoonnummer te bellen, er een sms naar te sturen of persoonlijke gegevens te delen. Meld verdachte activiteit met de optie ‘Misbruik melden’.

Meer info

Deze conversatie is gearchiveerd. Stel een nieuwe vraag als u hulp nodig hebt.

verify sha256 signed S/MIME Mail from IBM Notes

  • 3 antwoorden
  • 1 heeft dit probleem
  • 1 weergave
  • Laatste antwoord van christ1

konhaeus
konhaeus
more options

Hello, we are using IBM Notes9 to write S/MIME mails signed with a sha256 certificate. Our CA is the DFN Verein. When the received mail is opend with Thunderbird (newest Version), the virification says that the mail was changed and the signature is not valid. Apple mail or outlook saying the signature is ok.

When i write a signed S/MIME mail with a sha1 certificate from Notes all is fine in Thunderbird.

Maybe someone can help us.

Regards Holger

Hello, we are using IBM Notes9 to write S/MIME mails signed with a sha256 certificate. Our CA is the DFN Verein. When the received mail is opend with Thunderbird (newest Version), the virification says that the mail was changed and the signature is not valid. Apple mail or outlook saying the signature is ok. When i write a signed S/MIME mail with a sha1 certificate from Notes all is fine in Thunderbird. Maybe someone can help us. Regards Holger

Alle antwoorden (3)

christ1
christ1
  • Top 25 Contributor
more options

Did you import the DFN CA cert into Thunderbird?

konhaeus
konhaeus Vraageigenaar
more options

Yes. And here is the chain: https://pki.pca.dfn.de/uni-kassel-ca/pub/cacert/chain.txt

If i send a mail from a Thunderbird or Outlook-Client using this certifikate, the signature is displayed as true in thunderbird. Only sending by IBM Notes to Thunderbird the signature appears as not valid. But sending from Notes to Apple Mail, the signature is displayed as valid.

christ1
christ1
  • Top 25 Contributor
more options

here is the chain

You'll need all CA certs in the chain in the Thunderbird certificate store.

send a mail from a Thunderbird or Outlook-Client using this certifikate

Which cert? For signing a message the private key of the sender is required. The recipient needs to have the cert (a.k.a. the public key) of the sender in the Thunderbird certificate store. I suppose the user cert used to sign the message has been issued by the DFN CA?

appears as not valid

What is the exact error message?