On 16-03-16 09:43, Stefan Michael Guenther wrote:
in our Ciphermail installation I have two certificates for my email address: One created
by StartSSL and one created by the CA of Ciphermail .
The StartSSL certificate lists as KeyUsage "keyEncipherment, dataEncipherment,
digitalSignature" and the local CA "keyEncipherment, digitalSignature".
But in the user profile, when I choose "S/MIME -> signing certificate" the
system only offers the local certificate.
Even in an account that only has the StartSSL certificate, this is not offered for
What could be the reason for that?
Could it be that the certificate (or intermediate) is not specifically
allowed for S/MIME? in other words, is the "Extended Key Usage" set and
does it contain "emailProtection"?
If you want you can send me the public cert (directly to me) and I can
take a look.
CipherMail email encryption
Email encryption with support for S/MIME, OpenPGP, PDF encryption and
secure webmail pull.