s/mime share public certificates

christian

We are using the s/mime plug in and the good thing is it usually works, we only had one small issue with it.

However we would like to use it even more. And for that we would like to share the public certificates between all users.
Best option would be if there would be a global setting, but if the certificates are stored somewhere I would also be happy with copying them between users.

So to clarify the idea is: As soon as I get the certificate for support@kopano.com all users on my server have the certificate for support@kopano.com.

Doing anything over the webapp seems impossible as on the settings there is now download only an upload button.

Not sure if it helps but we have a paid subscription

marty

You could probably script this with python-kopano, it’s in the store of the user.

As for uploading the pub certificate see:
https://jira.kopano.io/browse/KSP-48

Dr4K4n

Hi,
i tried to build a python script for this usecase. Sadly it doesn’t work properly. Has anyone an idea why?
The script is copying the cert from one user to another without complaints, but the cert never appears for the other user.

#!/usr/bin/env python
import kopano
from MAPI.Tags import *

server = kopano.Server()

certs = {}
userCerts = {}

for username in server.users(remote=True):
        for item in username.store.root.associated.items():
                if "WebApp.Security.Public" == item.prop(PR_MESSAGE_CLASS).value and (username.name == "stefan" or username.name == "pb"):
                        if username.name not in userCerts:
                                userCerts[username.name] = []
                        userCerts[username.name].append(item.subject)
                        if item.subject not in certs:
                                print "Found new cert",username.name,item.subject
                                certs[item.subject] = item

for username in server.users(remote=True):
        if username.name in userCerts and username.name == "stefan":
                for cert in certs.values():
                        if cert.subject not in userCerts[username.name]:
                                print username.name,"needs certificate for",cert.subject
                                copied = cert.copy(username.store.root.associated)
                                print "=> copied certificate for",copied.subject

christian

@Dr4K4n said in s/mime share public certificates:

Hi,
i tried to build a python script for this usecase. Sadly it doesn’t work properly. Has anyone an idea why?
The script is copying the cert from one user to another without complaints, but the cert never appears for the other user.

To debug this. Have you tried to do something else with the certificates other then copying them? For example can you read them and save them to the local file system?

marty

@Dr4K4n Give webapp_admin a try
https://forum.kopano.io/topic/2301/request-for-feedback-webapp-admin

There is an option to export/import certs.

christian

@marty I had a look at the webapp admin tool you mentioned.
As far as I can see the tool is unfinished. The s/mime import section has “if not public:”.
But both Dr4K4n and I are trying to import public certificates belonging to other people and not the users own private certificates…

Do you have any other ideas on how to import them?

Christian