smime webapp kopano

Hi everyone,

I am using smime to sign my email (not encrypt). I uploaded the certificate in the kopano webapp ans install the certificate on my iphone. When i send an email and sign it from kopano webapp the mail comes in as untrusted. If i send an mail from my iphone it comes in as trusted.

How can i resolve this?

Could you post the versions you are using.
How does the mail look webapp -> webapp?


Hi marty,

I yuse the latest nightly build. Of i mail from webapp to webapp iT is ok. Of i mail from webapp to outlook iT is not ok?


Smime plugin version is 1.0

When sending from webapp to outlouk


From webapp to webapp


from iphone to outlook:


So when:

from webapp to other clients then webapp it is nog signed correct
From iphone to clients is ok
From webapp to webapp is ok

Anyone that can help with this?

I have had similar experiences with exim as local mailer. See my topic here:

Which MTA do you use?


Hi i use Postfix


I do not think that that is the problem. If i send from webapp to iPhone or outlook iT is not trusted. But in webapp iT tels me that iT is ok AMD trusted. If i send a mail from my iPhone to Any cliënt iT tells me that it is trusted.

IT seems to be a bug in webapp. Webapp to webapp is ok but webapp to any other cliënt iT is not ok. If i send from any other cliënt but webapp iT is ok

When using Postfix as local mailer I have no problems with S/MIME signed messages sending from WebbApp to external. I am using the current final release, not the nightly build.
What I have seen is, that the CA-Root Cert is not included when sending from WebbApp. Outlook includes the full certificate chain in the smime.p7s attachment. Maybe this could make problems with some mail clients.

Anybody here who is using S/MIME and can reproduce this?

i quote @ckruijntjens : When i send an email and sign it from kopano webapp the mail comes in as untrusted

can you post the output of apache2ctl -t -D DUMP_VHOSTS
My guess is you are not using a vhost config like : <VirtualHost>
And you internal side is not responding with the correct certificates


Hi i use centos. What do i need to do with virtualhost?

@thctlo if i understand correctly. I have uploaded the certificate to webapp. how does this involve with servername inside apache?


it all works except when i mail from the webapp. ?

just a check for the servernames and certs, thats was why im asking.

The imported smime cert is a p12 (pfx) with the full chain?
and/or is the Root cert available on the computer?

you could try to verify you cert with gmail.
here is an example how.
just to make sure its not in your certs.


Hi its ondead a p12 Pfx certificate. I installed iT on my iPhone and in outlook. If i send mail from these devices all is ok and trusted. Except when sending from webapp. However in webapp i installed the same certificate


did you prepare your WebApp as described here: ?
My S/MIME in WebApp works for me as expected.


Yes i have done this. my certificate comes from comodo.

@walterhof nevermind. i tested some further and it seems that the incoming mailserver does something to the mail from the mailaccount that tels me that the mail is untrusted. if i send to other mailservers all is wel.

I have the same problem
send via webapp or deskapp works, but the receiver gets the indication that the mail could be manipulated.

via ios it works perfectly and signed correctly.

only clue when sending via web / deskapp is the e-mail header, here are 2 entries for Mime version


X-Amavis-Alert: BAD HEADER SECTION, Duplicate header field: “MIME-Version”
Subject: TEST
From: " anonymisiert "
To: ""
Date: Fri, 28 Dec 2018 13:13:27 +0000
Mime-Version: 1.0
X-Priority: 3 (Normal)
Message-Id: kcis.ID@anonym
MIME-Version: 1.0
Content-Type: multipart/signed; protocol=“application/x-pkcs7-signature”; micalg=“sha-256”; boundary="----88A2CFE0C5AF6C2296458FD5099A2592"

Subject: TEST
From: " anonymisiert "
To: ""
Date: Fri, 28 Dec 2018 13:13:26 +0000
Mime-Version: 1.0
Content-Type: multipart/alternative;
X-Priority: 3 (Normal)
Message-Id: <>


php-kopano-smime 1.0.00+14.3

any ideas or workarounds?


nope i also still have the same isue.