Navigation

    Kopano
    • Register
    • Login
    • Search
    • Categories
    • Get Official Kopano Support
    • Recent
    Statement regarding the closure of the Kopano community forum and the end of the community edition

    Use SMIME certificates without LDAP or AD?

    Plugins for Kopano WebApp
    3
    14
    3060
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • fbartels
      fbartels Kopano @xplod last edited by

      Hello @xplod ,

      I have then moved your post into the WebApp plugin section (as its more about the s/mime plugin, than Kopano Core).

      You at first need to receive a signed email from the recipient to have his public cert stored.

      Regards Felix

      Resources:
      https://kopano.com/blog/how-to-get-kopano/
      https://documentation.kopano.io/
      https://kb.kopano.io/

      Support overview:
      https://kopano.com/support/

      xplod 1 Reply Last reply Reply Quote 0
      • xplod
        xplod @fbartels last edited by

        @fbartels said in Use SMIME certificates without LDAP or AD?:

        You at first need to receive a signed email from the recipient to have his public cert stored.

        An encrypted email is in my inbox.
        If I want to open it, I have to enter my password, and after that, the mail states “Message decrypted succesfully”.
        In the “SMIME Message” column, the mail is displayed with a closed lock icon.

        But I have no public certificate in my SMIME settings tab.

        fbartels 1 Reply Last reply Reply Quote 0
        • fbartels
          fbartels Kopano @xplod last edited by

          Hi @xplod ,

          you’ve lost me. Are you just wondering where the public part is stored or do you get an error when opening a mail?

          Regards Felix

          Resources:
          https://kopano.com/blog/how-to-get-kopano/
          https://documentation.kopano.io/
          https://kb.kopano.io/

          Support overview:
          https://kopano.com/support/

          xplod 1 Reply Last reply Reply Quote 0
          • xplod
            xplod @fbartels last edited by

            @fbartels said in Use SMIME certificates without LDAP or AD?:

            Hi @xplod ,

            you’ve lost me. Are you just wondering where the public part is stored or do you get an error when opening a mail?

            I can open incoming, encrypted mail.
            But if I want to replay to an encrypted mail with an encrypted message, I get “Missing public certificates”.

            Simply I want to know what I have do to store the public key in kopano.
            It looks like kopano should store the received public key automatically, but it doesn’t do so.

            So my actual questions are:
            1.) Can I somehow manually upload a public key (I’ve found solutions for LDAP and AD, but not for database backend)
            2.) Do I have to upgrade my database somehow to allow kopano to store incoming public certificates?

            Thank you for your kind help.

            Best regards,
            X

            fbartels 1 Reply Last reply Reply Quote 0
            • fbartels
              fbartels Kopano @xplod last edited by

              @xplod said in Use SMIME certificates without LDAP or AD?:

              1.) Can I somehow manually upload a public key (I’ve found solutions for LDAP and AD, but not for database backend)

              The public certs are not stored in the user backend, but in the store. so the scripts you have found should also work with the database backend.

              @xplod said in Use SMIME certificates without LDAP or AD?:

              2.) Do I have to upgrade my database somehow to allow kopano to store incoming public certificates?

              no for above reason.

              Regards Felix

              Resources:
              https://kopano.com/blog/how-to-get-kopano/
              https://documentation.kopano.io/
              https://kb.kopano.io/

              Support overview:
              https://kopano.com/support/

              1 Reply Last reply Reply Quote 0
              • marty
                marty Kopano (Inactive) last edited by

                Which version of the s/mime plugin are you running? This functionality was broken in the 2.2.0beta1 and fixed in the 2.2.0beta2 (https://jira.kopano.io/browse/KSP-147)

                Maybe this can also help:
                https://documentation.kopano.io/webapp_smime_manual/certificate_management.html#use-public-keys-from-global-address-book-users

                https://documentation.kopano.io/deskapp_admin_manual
                http://documentation.kopano.io/webapp_smime_manual
                https://documentation.kopano.io/webapp_admin_manual

                xplod 1 Reply Last reply Reply Quote 0
                • xplod
                  xplod @marty last edited by

                  @marty said in Use SMIME certificates without LDAP or AD?:

                  Which version of the s/mime plugin are you running? This functionality was broken in the 2.2.0beta1 and fixed in the 2.2.0beta2 (https://jira.kopano.io/browse/KSP-147)

                  Maybe this can also help:
                  https://documentation.kopano.io/webapp_smime_manual/certificate_management.html#use-public-keys-from-global-address-book-users

                  I am using the current version on kopano.io: smime-1.0.00_0+10.1-Ubuntu_16.04-amd64
                  I updated the kopano smime webapp plugin today, because, although my installed version had the same name, the files on kopano.io differed…

                  The link you send is the one I am refering to. I do not use LDAP or AD, and I am not able to write a python script to upload a certificate using the example provided…

                  Best regards,
                  X

                  1 Reply Last reply Reply Quote 0
                  • marty
                    marty Kopano (Inactive) last edited by

                    It’s not possible to manually upload your public certificate. There is a ticket for this though: https://jira.kopano.io/browse/KSP-48 so please track it to get updates.

                    If not using LDAP / AD in combination with PR_EMS_AB_TAGGED_X509_CERT property you need to receive a signed message of a user. When reading this message the public key will be imported and you can make an encrypted email.

                    https://documentation.kopano.io/deskapp_admin_manual
                    http://documentation.kopano.io/webapp_smime_manual
                    https://documentation.kopano.io/webapp_admin_manual

                    1 Reply Last reply Reply Quote 0
                    • xplod
                      xplod last edited by

                      OK, so it isn’t possible to upload certificates.
                      I have received multiple encrypted mails, but the S/MIME settings page displays ony my own 2 certificates (private and public).
                      I have opened the encrypted email in webapp and DeskApp, the S/MIME page stays empty and doesn’t list any other certificates than mine…

                      May I send you a PN with my private email so that you can send me an encrypted message? Perhaps it’s an issue with the used certificate.

                      1 Reply Last reply Reply Quote 0
                      • marty
                        marty Kopano (Inactive) last edited by

                        You should receive signed emails

                        https://documentation.kopano.io/deskapp_admin_manual
                        http://documentation.kopano.io/webapp_smime_manual
                        https://documentation.kopano.io/webapp_admin_manual

                        1 Reply Last reply Reply Quote 0
                        • xplod
                          xplod last edited by

                          @marty said in Use SMIME certificates without LDAP or AD?:

                          You should receive signed emails

                          Ahh. That’s it.

                          You have to click on the “signed” symbol to do a certificate check. If the check succedes, the cert is added to the cert store…
                          Would it be possible to add the same mechanism to encrypted mails?

                          Best regards, and thanks for your help.
                          X

                          1 Reply Last reply Reply Quote 0
                          • First post
                            Last post