Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

Vanwege onderhoudswerkzaamheden die uw ervaring zouden moeten verbeteren, heeft deze website beperkte functionaliteit. Als een artikel uw probleem niet verhelpt en u een vraag wilt stellen, kan onze ondersteuningsgemeenschap u helpen in @FirefoxSupport op Twitter en /r/firefox op Reddit.

Avatar for Username

Zoeken in Support

Vermijd ondersteuningsscams. We zullen u nooit vragen een telefoonnummer te bellen, er een sms naar te sturen of persoonlijke gegevens te delen. Meld verdachte activiteit met de optie ‘Misbruik melden’.

Meer info

Deze conversatie is gearchiveerd. Stel een nieuwe vraag als u hulp nodig hebt.

How can I override the restriction on the email address of a PKI signing certificate matching the mail account?

  • 2 antwoorden
  • 1 heeft dit probleem
  • 1 weergave
  • Laatste antwoord van manchesterj

manchesterj
manchesterj
more options

I have used Thunderbird successfully to access multiple mails accounts; one individual mail account, the others are used by multiple people.

I use PKI certificates to send signed emails. My PKI certificates all have the email address of my individual mail account. In the past, I have been able to send signed emails with those certificates from other mail accounts. (The recipient will see the signature as questionable, but can examine the signing certificate to determine the authenticity of the sender.)

Thunderbird is not allowing me to select a certificate unless the email address in the certificate matches the email address of the mail account. Is there any way to override this?

I have used Thunderbird successfully to access multiple mails accounts; one individual mail account, the others are used by multiple people. I use PKI certificates to send signed emails. My PKI certificates all have the email address of my individual mail account. In the past, I have been able to send signed emails with those certificates from other mail accounts. (The recipient will see the signature as questionable, but can examine the signing certificate to determine the authenticity of the sender.) Thunderbird is not allowing me to select a certificate unless the email address in the certificate matches the email address of the mail account. Is there any way to override this?

Alle antwoorden (2)

Matt
Matt
  • Moderator
  • Top 10 Contributor
more options

I would be rather disappointed if there was a way to over ride it. Sounds to me like someone has fixed a bug.

manchesterj
manchesterj Vraageigenaar
more options

I disagree. It would only be a bug if the person receiving the email did not clearly see an indication that the signature on the email is "invalid" (or at least 'suspect'). But recipients do see that indication.

Mozilla actually makes a habit of allowing for people to override security constraints. (Usually in that config file.)