Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

Ky sajt do të funksionojë me kufizime, teksa bëjmë mirëmbajtjen e tij për të përmirësuar punën tuaj. Nëse një artikull nuk e zgjidh problemin tuaj dhe dëshironi të bëni një pyetje, kemi bashkësinë tonë të asistencës, e gatshme për t’ju ndihmuar, te @FirefoxSupport në Twitter dhe/r/firefox në Reddit.

Avatar for Username

Kërkoni te Asistenca

Shmangni karremëzime gjoja asistence. S’do t’ju kërkojmë kurrë të bëni një thirrje apo të dërgoni tekst te një numër telefoni, apo të na jepni të dhëna personale. Ju lutemi, raportoni veprimtari të dyshimtë duke përdorur mundësinë “Raportoni Abuzim”.

Mësoni Më Tepër

Kjo rrjedhë është arkivuar. Ju lutemi, bëni një pyetje të re, nëse keni nevojë për ndihmë.

Can't use S/MIME certificate to sign email

  • 5 përgjigje
  • 1 e ka hasur këtë problem
  • 1 parje
  • Përgjigjja më e re nga Matt

nneal1
nneal1
more options

This is happening to a user I support, but I can recreate this issue in the thunderbird 91.4.0 snap package on ubuntu.

Whenever I load my S/MIME certificates (procured from digicert) I get a message when signing an email, not allowing me to sign or encrypt my email:

"Sending of the message failed. You specified that this message should be digitally signed, but the application either failed to find the signing certificate specified in your Mail & Newsgroup Account Settings, or the certificate has expired."

I have tried loading my CA certificates under the authorities tab, where it tells me that the cert is already in the certificate store. I have also checked, and the certificate doesn't expire until May of 2022.

I've tried finding extended debugging parameters, and trying many different things to no avail. I appreciate any suggestions that someone may have.

This is happening to a user I support, but I can recreate this issue in the thunderbird 91.4.0 snap package on ubuntu. Whenever I load my S/MIME certificates (procured from digicert) I get a message when signing an email, not allowing me to sign or encrypt my email: "Sending of the message failed. You specified that this message should be digitally signed, but the application either failed to find the signing certificate specified in your Mail & Newsgroup Account Settings, or the certificate has expired." I have tried loading my CA certificates under the authorities tab, where it tells me that the cert is already in the certificate store. I have also checked, and the certificate doesn't expire until May of 2022. I've tried finding extended debugging parameters, and trying many different things to no avail. I appreciate any suggestions that someone may have.
Foto të bashkëngjitura ekrani

Krejt Përgjigjet (5)

christ1
christ1
  • Top 25 Contributor
more options
I have tried loading my CA certificates under the authorities tab

You need to import your cert (and private key) under the 'Your Certificates' tab in Thunderbird.

nneal1
nneal1 I zoti i pyetjes
more options

I have imported my cert and private key under the 'Your Certificates' tab, and still get the same result.

Matt
Matt
  • Moderator
  • Top 10 Contributor
more options

I have this happen to me periodically. When it does the certificate in account settings has lost it's serial number. Clicking select opens the certificate manager against the correct certificate and I then can sign mail again until the next time.

Bug 1481969 refers

nneal1
nneal1 I zoti i pyetjes
more options

Thanks for your reply!

The certs are selected, and showing their fingerprints. To ensure this wasn't the issue, I have re-selected the certificates only to have the same result (I've attached an image showing the thumbprints next to the name). I've also tried going in to the cert authority area and selecting "This certificate can identify mail users" tick box on the Digicert CA certificates, and that did not work either.

The user, who is also experiencing this issue, his S/MIME certificate is good until May of next year. Since my cert is nearing expiration, I'm going to try renewing early, and see if that fixes the issue on my side to make sure the user and I are experiencing the same issue.

I will update this If anything changes from my testing.

Matt
Matt
  • Moderator
  • Top 10 Contributor
more options

you might also want to disable the option to check certificates using "query OCSP responder servers" before you renew. My guess is that process is returning a not valid result.