This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Èròjà atẹ̀lélànà yii ni a ti fi pamọ́ fọ́jọ́ pípẹ́. Jọ̀wọ́ béèrè ìbéèrè titun bí o bá nílò ìrànwọ́.

S/MIME Problem

  • 3 àwọn èsì
  • 3 ní àwọn ìṣòro yìí
  • 14 views
  • Èsì tí ó kẹ́hìn lọ́wọ́ Thomas

more options

I have a problem with the 102.3.1 release. I have several email accounts with S / MIME certificates set up but for signing only, if I want to encrypt my messages then I manually select encrypt. The problem is that the OpenPGP option is selected by default in the compose window and I am not able to set it to be S / MIME by default. In the account settings in the end-to-end encryption tab, I have the certificates read and the option of signing unencrypted messages selected. Unfortunately, when I try to send a message, I get a message that encryption has not yet been set up for this account. After switching from the options menu to S / MIME, a message signed with the S / MIME certificate is sent correctly. In the settings, I have the option checked so that the program will automatically select an option based on the keys, but it doesn't, I also can't rearrange the options so that the S / MIME option is preferred, the functions are checked but impossible to edit. Please help.

I have a problem with the 102.3.1 release. I have several email accounts with S / MIME certificates set up but for signing only, if I want to encrypt my messages then I manually select encrypt. The problem is that the OpenPGP option is selected by default in the compose window and I am not able to set it to be S / MIME by default. In the account settings in the end-to-end encryption tab, I have the certificates read and the option of signing unencrypted messages selected. Unfortunately, when I try to send a message, I get a message that encryption has not yet been set up for this account. After switching from the options menu to S / MIME, a message signed with the S / MIME certificate is sent correctly. In the settings, I have the option checked so that the program will automatically select an option based on the keys, but it doesn't, I also can't rearrange the options so that the S / MIME option is preferred, the functions are checked but impossible to edit. Please help.

All Replies (3)

more options

What is the status of the OpenPGP part in the End-To-End Encryption setup?

Is there an OpenPGP key available for the same account?

more options

Hello Folks, currently I have the same problem with Thunderbird 102.3.1 (64-bit). I use S/MIME for all existing accounts (and identities), but PGP only for a single identity. Nevertheless, when composing a message (in any identity), PGP is always preset as the encryption mode.

So far I could only solve this by creating an PGP key for each identity and then setting S/MIME as preferred method in the identity's account settings. This is absolutely not effective and very error-prone. It would be desirable to be able to specify which encryption mode is mandatory, regardless of whether a PGP key or S/MIME certificate is available.

best regards

more options

I see the same behaviour with an account using S/MIME. Interestingly, there seems to have been a triggering event for this, as it worked fine until recently (and still works fine with Thunderbird on my other machine; both 128.8.0).

It started after sending an email via another account in the same profile and failure to retrieve the associated PGP key as it was stored on a not plugged-in Yubikey. After this event, the S/MIME account started to default to OpenPGP despite no PGP key being associated with it.

The hotfix mentioned above resolves this behaviour, but only as long as a PGP key remains associated to the S/MIME account. Manually setting mail.identity.idX.encryptionpolicy = 1 alone doesn't help.

Ti ṣàtúnṣe nípa Thomas