为提升您的使用体验,本站正在维护,部分功能暂时无法使用。如果本站文章无法解决您的问题,您想要向社区提问的话,请到 Twitter 上的 @FirefoxSupport 或 Reddit 上的 /r/firefox 提问,我们的支持社区将会很快回复您的疑问。

搜索 | 用户支持

防范以用户支持为名的诈骗。我们绝对不会要求您拨打电话或发送短信,及提供任何个人信息。请使用“举报滥用”选项报告涉及违规的行为。

详细了解

S/MIME messages not decrypting

  • 5 个回答
  • 1 人有此问题
  • 3 次查看
  • 最后回复者为 waiwaing

more options

I have a work email address which forwards some of my emails to my personal email account. Thunderbird is setup to access my personal account, but not my work account. Because some of my emails (e.g. payslips) are encrypted using S/MIME, I imported my PFX file into Thunderbird. Historically, Thunderbird has then decrypted the encrypted S/MIME emails.

Recently, Thunderbird has stopped decrypting any of these emails, including emails that it used to decrypt without a problem. The certificate is still in the Certificate Manager, so I'm not sure as to what has happened.

The only thing I can imagine is that the certificate is for my work email address (not my personal email address), and for some reason, Thunderbird is now comparing the recipient email address and the certificate email address, realises that they don't match, and is thus not attempting to decrypt.

Does anyone know if (1) this is in fact the case, (2) if so, if there are any recommended workarounds, or (3) if not, what might be the real problem here?

I have a work email address which forwards some of my emails to my personal email account. Thunderbird is setup to access my personal account, but not my work account. Because some of my emails (e.g. payslips) are encrypted using S/MIME, I imported my PFX file into Thunderbird. Historically, Thunderbird has then decrypted the encrypted S/MIME emails. Recently, Thunderbird has stopped decrypting any of these emails, including emails that it used to decrypt without a problem. The certificate is still in the Certificate Manager, so I'm not sure as to what has happened. The only thing I can imagine is that the certificate is for my work email address (not my personal email address), and for some reason, Thunderbird is now comparing the recipient email address and the certificate email address, realises that they don't match, and is thus not attempting to decrypt. Does anyone know if (1) this is in fact the case, (2) if so, if there are any recommended workarounds, or (3) if not, what might be the real problem here?

所有回复 (5)

more options

Perhaps you need to forward your messages in an unencrypted form. It sounds like a bug to me that it ever worked at all.

more options
I have a work email address which forwards some of my emails to my personal email account.

Presumably you're using a different email client than Thunderbird to forward the message. How do you do that? When you have the message open for editing it obviously must be in the clear. To which cert do you encrypt when forwarding it? Or do you attach the encrypted message as is to an otherwise clear text email? Please elaborate.

Thunderbird has stopped decrypting any of these emails, including emails that it used to decrypt without a problem.

I'd assume there's some sort of error message?

more options

It's forwarded as an attachment to an unencrypted email. Because it's done as an Exchange rule, I don't believe there's a way to decrypt before forwarding (as the Exchange server won't have access to the certificate).

There isn't an error message, it just presents the attachment as it would any other attachment, whereas it used to decrypt the attached email inline.

more options

I have never tried that. Nor do I have any idea what format the Exchange server uses to forward the message as an attachment. There may have been changes on the Exchange server causing the behavior you see. For encrypted attachments you'd typically right-click the attachment, and then use 'Decrypt and Save'. In any case, you'd need the private key to decrypt the message.

more options

Exchange forwards the email as an application/pkcs7-mime attachment.

It doesn't seem to be an Exchange problem, as Thunderbird no longer decrypts messages it used to (i.e. a message received months ago, which Thunderbird used to successfully decrypt, now remains encrypted).

There also isn't a "Decrypt and Save" option--I only have "Open" (which prompts me to choose an application), "Save As...", "Detach..." and "Delete".

I appreciate that the old behavior may have been a bug (though I'm hoping it's not as it was quite useful); I'm just a little surprised that if it was, there aren't any obvious release notes pointing it out.