Yes, there a "key" symbol next to the email address of the certificate
and yes, a key symbol is shown to the right of
"Certificate info", therefore a private key is available.
And I'm using the same email address as the address of the certificate and
the signing certificate gets selected when adding the user.
Certificate usage shows it can be used for Signing
but emails do not get signed.
Martijn, you wrote:
"Since you have the private key and the key can be used for signing you can select
the key for signing."
How can I select the key for signing ?
If I want to select signing certificate for this user in Djigzo it tells me
"There are no matching certificates"
To check if the end-user certificate holds private keys I've tried to download the
private keys from the certficate and a PFX file is created.
Best regards,
Perry
------------------------------
Message: 4
Date: Thu, 26 Apr 2012 11:19:55 +0200 (CEST)
From: Perry Peeters <p.peeters(a)deonet.nl>
Subject: [Djigzo users] assigning certficates
To: users(a)lists.djigzo.com
Message-ID: <9fa63a44-893a-4410-9c6e-7fb2f74374f4@deolinux1>
Content-Type: text/plain; charset=utf-8
We want our Djigzo to PDF encrypt and S/MIME sign using a Comodo Secure Email certificate
for a specific user (originator).
The Key Usage of the certificate shows: "keyEncipherment, digitalSignature".
Unfortunately the certificate for this user shows up in Djigzo as encryption certificate not as signing certificate
and I can't unassign / reassign.
Also I can't assign the certificate as signing certficate.
Because of this setup emails are S/MIME encrypted not signed, not what I want.
Is there a solution ?
------------------------------
Message: 5
Date: Thu, 26 Apr 2012 11:31:41 +0200
From: Martijn Brinkers <martijn(a)djigzo.com>
Subject: Re: [Djigzo users] assigning certficates
To: users(a)lists.djigzo.com
Message-ID: <4F9915FD.7030307(a)djigzo.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
On 04/26/2012 11:19 AM, Perry Peeters wrote:
> We want our Djigzo to PDF encrypt and S/MIME sign using a Comodo Secure Email certificate
> for a specific user (originator).
> The Key Usage of the certificate shows: "keyEncipherment, digitalSignature".
> Unfortunately the certificate for this user shows up in Djigzo as encryption certificate not as signing certificate
> and I can't unassign / reassign.
> Also I can't assign the certificate as signing certficate.
> Because of this setup emails are S/MIME encrypted not signed, not what I want.
> Is there a solution ?
A key can be used as a signing key if you have the private key and if
the key usage allows the key to be used for signing. A (public) key can
be used for encryption if the key usage allows encryption. Since you
have the private key and the key can be used for signing you can select
the key for signing. Whether or not you can select it as an encryption
key does not matter. First make sure that your email will be correctly
signed. This can be done by deselecting "Only sign when encrypt". Once
you know that your outgoing email will be correctly signed, you can
enable signing of the PDF encrypted email by selecting the PDF advanced
option "Sign email".
Kind regards,
Martijn Brinkers
We want our Djigzo to PDF encrypt and S/MIME sign using a Comodo Secure Email certificate
for a specific user (originator).
The Key Usage of the certificate shows: "keyEncipherment, digitalSignature".
Unfortunately the certificate for this user shows up in Djigzo as encryption certificate not as signing certificate
and I can't unassign / reassign.
Also I can't assign the certificate as signing certficate.
Because of this setup emails are S/MIME encrypted not signed, not what I want.
Is there a solution ?
Thanks Martijn,
Comodo root and intermediate were included in the p7b's of your site.
After importing them into the root and certificates store the warning message disappeared.
The CA column still shows "false", I've already tried to delete and import the (end-user) certficate again
but it still shows "false".
Is CA "false" correct for end-user certificates ?
Thanks,
Perry
----------------------------------------------------------------------
Message: 1
Date: Wed, 25 Apr 2012 08:43:51 +0200 (CEST)
From: Perry Peeters <p.peeters(a)deonet.nl>
Subject: [Djigzo users] Comodo secure email certificate
To: users(a)lists.djigzo.com
Message-ID: <617d4b17-93a7-46eb-acb6-c724b8552dea@deolinux1>
Content-Type: text/plain; charset=utf-8
After buying a secure email certificate from Comodo I imported the certificate
into Djigzo.
The certficate shows up with the following message in the Info column:
"Error building certPath. No issuer ce..."
Also CA shows "false"
What caused this and how can we get this resolved ?
------------------------------
Message: 2
Date: Wed, 25 Apr 2012 08:52:52 +0200
From: Martijn Brinkers <martijn(a)djigzo.com>
Subject: Re: [Djigzo users] Comodo secure email certificate
To: users(a)lists.djigzo.com
Message-ID: <4F979F44.1060903(a)djigzo.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
On 04/25/2012 08:43 AM, Perry Peeters wrote:
> After buying a secure email certificate from Comodo I imported the certificate
> into Djigzo.
> The certficate shows up with the following message in the Info column:
> "Error building certPath. No issuer ce..."
> Also CA shows "false"
> What caused this and how can we get this resolved ?
Did you install the Comodo root and intermediate certificate? The
warning "no issuer cert.." is shown if the certificate chain (i.e., the
trust chain from certificate to a trusted root) is not complete. You can
import the p7b files with some roots and intermediate certificates from
http://www.djigzo.com/downloads.html (see certificates). The
intermediates need to be imported into the certificates store and the
roots into the root store. I'm not sure whether the Comodo root and
intermediate certificate(s) are included with the p7b's though.
Alternatively you can export the chain from the system on which the
Comodo certificate is stored and import the chain into DJIGZO.
Kind regards,
Martijn Brinkers
------------------------------
_______________________________________________
Users mailing list
Users(a)lists.djigzo.com
http://lists.djigzo.com/lists/listinfo/users
End of Users Digest, Vol 35, Issue 7
************************************
Thanks Andreas and Martijn,
Andreas is right.
It is indeed an end-user certificate
(subject starts with "EMAILADDRESS=").
Best regards,
Perry
----------------------------------------------------------------------
Message: 1
Date: Wed, 25 Apr 2012 12:41:49 +0200 (CEST)
From: Perry Peeters <p.peeters(a)deonet.nl>
Subject: Re: [Djigzo users] Comodo secure email certificate
To: users(a)lists.djigzo.com
Message-ID: <195907d3-a5d8-4acb-8c04-0711bef0f1a7@deolinux1>
Content-Type: text/plain; charset=utf-8
Thanks Martijn,
Comodo root and intermediate were included in the p7b's of your site.
After importing them into the root and certificates store the warning message disappeared.
The CA column still shows "false", I've already tried to delete and import the (end-user) certficate again
but it still shows "false".
Is CA "false" correct for end-user certificates ?
Thanks,
Perry
----------------------------------------------------------------------
Message: 1
Date: Wed, 25 Apr 2012 08:43:51 +0200 (CEST)
From: Perry Peeters <p.peeters(a)deonet.nl>
Subject: [Djigzo users] Comodo secure email certificate
To: users(a)lists.djigzo.com
Message-ID: <617d4b17-93a7-46eb-acb6-c724b8552dea@deolinux1>
Content-Type: text/plain; charset=utf-8
After buying a secure email certificate from Comodo I imported the certificate
into Djigzo.
The certficate shows up with the following message in the Info column:
"Error building certPath. No issuer ce..."
Also CA shows "false"
What caused this and how can we get this resolved ?
------------------------------
Message: 2
Date: Wed, 25 Apr 2012 08:52:52 +0200
From: Martijn Brinkers <martijn(a)djigzo.com>
Subject: Re: [Djigzo users] Comodo secure email certificate
To: users(a)lists.djigzo.com
Message-ID: <4F979F44.1060903(a)djigzo.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
On 04/25/2012 08:43 AM, Perry Peeters wrote:
> After buying a secure email certificate from Comodo I imported the certificate
> into Djigzo.
> The certficate shows up with the following message in the Info column:
> "Error building certPath. No issuer ce..."
> Also CA shows "false"
> What caused this and how can we get this resolved ?
Did you install the Comodo root and intermediate certificate? The
warning "no issuer cert.." is shown if the certificate chain (i.e., the
trust chain from certificate to a trusted root) is not complete. You can
import the p7b files with some roots and intermediate certificates from
http://www.djigzo.com/downloads.html (see certificates). The
intermediates need to be imported into the certificates store and the
roots into the root store. I'm not sure whether the Comodo root and
intermediate certificate(s) are included with the p7b's though.
Alternatively you can export the chain from the system on which the
Comodo certificate is stored and import the chain into DJIGZO.
Kind regards,
Martijn Brinkers
------------------------------
_______________________________________________
Users mailing list
Users(a)lists.djigzo.com
http://lists.djigzo.com/lists/listinfo/users
End of Users Digest, Vol 35, Issue 7
************************************
------------------------------
Message: 2
Date: Wed, 25 Apr 2012 12:49:18 +0200
From: lst_hoe02(a)kwsoft.de
Subject: Re: [Djigzo users] Comodo secure email certificate
To: users(a)lists.djigzo.com
Message-ID:
<20120425124918.Horde.BzByZLSs0flPl9auxgr2BxA(a)horde4.hq.kwsoft.de>
Content-Type: text/plain; charset=utf-8; format=flowed; DelSp=Yes
Zitat von Perry Peeters <p.peeters(a)deonet.nl>:
> Thanks Martijn,
>
> Comodo root and intermediate were included in the p7b's of your site.
> After importing them into the root and certificates store the
> warning message disappeared.
> The CA column still shows "false", I've already tried to delete and
> import the (end-user) certficate again
> but it still shows "false".
> Is CA "false" correct for end-user certificates ?
Yes, because end-user certificates are indeed not a root-CA.
Regards
Andreas
------------------------------
Message: 3
Date: Wed, 25 Apr 2012 13:17:46 +0200
From: Martijn Brinkers <martijn(a)djigzo.com>
Subject: Re: [Djigzo users] Comodo secure email certificate
To: users(a)lists.djigzo.com
Message-ID: <4F97DD5A.4070306(a)djigzo.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
On 04/25/2012 12:41 PM, Perry Peeters wrote:
> Thanks Martijn,
>
> Comodo root and intermediate were included in the p7b's of your site.
> After importing them into the root and certificates store the warning message disappeared.
> The CA column still shows "false", I've already tried to delete and import the (end-user) certficate again
> but it still shows "false".
> Is CA "false" correct for end-user certificates ?
Can you send me your Comodo certificate (i.e., the .cer file) privately
(to martijn(a)djigzo.com). It might be that Comodo is using a different
intermediate certificate now which is not included with the provided
.p7b from the website.
Kind regards,
Martijn Brinkers
------------------------------
Message: 4
Date: Wed, 25 Apr 2012 13:51:48 +0200
From: lst_hoe02(a)kwsoft.de
Subject: Re: [Djigzo users] Comodo secure email certificate
To: users(a)lists.djigzo.com
Message-ID: <20120425135148.10247hkovl32lag4(a)webmail.kwsoft.de>
Content-Type: text/plain; charset="iso-8859-1"
Zitat von Martijn Brinkers <martijn(a)djigzo.com>:
> On 04/25/2012 12:41 PM, Perry Peeters wrote:
>> Thanks Martijn,
>>
>> Comodo root and intermediate were included in the p7b's of your site.
>> After importing them into the root and certificates store the
>> warning message disappeared.
>> The CA column still shows "false", I've already tried to delete and
>> import the (end-user) certficate again
>> but it still shows "false".
>> Is CA "false" correct for end-user certificates ?
>
> Can you send me your Comodo certificate (i.e., the .cer file) privately
> (to martijn(a)djigzo.com). It might be that Comodo is using a different
> intermediate certificate now which is not included with the provided
> .p7b from the website.
Correct me if i'm wrong but the CA column should be "false" for
end-user certificates in the certificates panel, no? Only in the root
panel the CA should be true??
Regards
Andreas
After buying a secure email certificate from Comodo I imported the certificate
into Djigzo.
The certficate shows up with the following message in the Info column:
"Error building certPath. No issuer ce..."
Also CA shows "false"
What caused this and how can we get this resolved ?
What is the purpose of the AP (Appliance partner) field in
Comodo certificate request handler ?
We bought certficates directly from Comodo not thru a reseller
but AP is a mandatory field.
Hi,
I'm looking into using Djigzo for an email encryption and signing gateway.
The ideal setup would be to have an application send email with a pdf attachment
to the Djigzo server, Djigzo would encrypt the pdf attachment and digitally sign the
email and pass it on to the relay server who will send it to the recipient.
Is this be possible with the current release of Djigzo ?
Thanks,
Perry
Hi all,
is it possible to configure djizgo so that besides the xForward extension it also uses the xClient commands ?
Installed with default configuration when an email is sent back to postfix a Header "Received from: localhost (127.0.0.1)" is added by postfix on the receiving side. When using it with mailscanner it would be necessary to have the original sender in that "received from" header. djizgo sends xForward (but not xClient), that way the original sender is addede to the header but the message is still coming from localhost...
chris
