Navigation

    Kopano
    • Register
    • Login
    • Search
    • Categories
    • Get Official Kopano Support
    • Recent
    Statement regarding the closure of the Kopano community forum and the end of the community edition

    smime webapp kopano

    Plugins for Kopano WebApp
    7
    28
    2767
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A Former User
      A Former User last edited by

      Hi everyone,

      I am using smime to sign my email (not encrypt). I uploaded the certificate in the kopano webapp ans install the certificate on my iphone. When i send an email and sign it from kopano webapp the mail comes in as untrusted. If i send an mail from my iphone it comes in as trusted.

      How can i resolve this?

      1 Reply Last reply Reply Quote 0
      • marty
        marty Kopano (Inactive) last edited by

        Could you post the versions you are using.
        How does the mail look webapp -> webapp?

        https://documentation.kopano.io/deskapp_admin_manual
        http://documentation.kopano.io/webapp_smime_manual
        https://documentation.kopano.io/webapp_admin_manual

        A Former User 1 Reply Last reply Reply Quote 0
        • A Former User
          A Former User @marty last edited by

          @marty

          Hi marty,

          I yuse the latest nightly build. Of i mail from webapp to webapp iT is ok. Of i mail from webapp to outlook iT is not ok?

          A Former User 1 Reply Last reply Reply Quote 0
          • A Former User
            A Former User @Guest last edited by

            @marty

            Smime plugin version is 1.0

            When sending from webapp to outlouk

            0_1536253479678_cd4ec897-a885-43cc-b6df-89f6d8774606-image.png

            From webapp to webapp

            0_1536253504540_4f081fbc-ee22-45df-8cf9-a02e63e1c72d-image.png

            from iphone to outlook:

            0_1536253588771_862c9ee1-ddd0-4b9a-b9a6-2fe652474e13-image.png

            So when:

            from webapp to other clients then webapp it is nog signed correct
            From iphone to clients is ok
            From webapp to webapp is ok

            1 Reply Last reply Reply Quote 0
            • A Former User
              A Former User last edited by

              Anyone that can help with this?

              1 Reply Last reply Reply Quote 0
              • Studi
                Studi last edited by

                I have had similar experiences with exim as local mailer. See my topic here:
                https://forum.kopano.io/topic/1097/s-mime-signed-mails-showing-unsigned

                Which MTA do you use?

                A Former User 2 Replies Last reply Reply Quote 0
                • A Former User
                  A Former User @Studi last edited by

                  @Studi

                  Hi i use Postfix

                  1 Reply Last reply Reply Quote 0
                  • A Former User
                    A Former User @Studi last edited by

                    @studi

                    I do not think that that is the problem. If i send from webapp to iPhone or outlook iT is not trusted. But in webapp iT tels me that iT is ok AMD trusted. If i send a mail from my iPhone to Any cliënt iT tells me that it is trusted.

                    IT seems to be a bug in webapp. Webapp to webapp is ok but webapp to any other cliënt iT is not ok. If i send from any other cliënt but webapp iT is ok

                    1 Reply Last reply Reply Quote 0
                    • Studi
                      Studi last edited by

                      When using Postfix as local mailer I have no problems with S/MIME signed messages sending from WebbApp to external. I am using the current final release, not the nightly build.
                      What I have seen is, that the CA-Root Cert is not included when sending from WebbApp. Outlook includes the full certificate chain in the smime.p7s attachment. Maybe this could make problems with some mail clients.

                      Anybody here who is using S/MIME and can reproduce this?

                      1 Reply Last reply Reply Quote 0
                      • thctlo
                        thctlo last edited by

                        i quote @ckruijntjens : When i send an email and sign it from kopano webapp the mail comes in as untrusted

                        can you post the output of apache2ctl -t -D DUMP_VHOSTS
                        My guess is you are not using a vhost config like : <VirtualHost 192.168.0.1:443 99.50.10.1:443>
                        And you internal side is not responding with the correct certificates

                        A Former User 3 Replies Last reply Reply Quote 0
                        • A Former User
                          A Former User @thctlo last edited by

                          @thctlo

                          Hi i use centos. What do i need to do with virtualhost?

                          1 Reply Last reply Reply Quote 0
                          • A Former User
                            A Former User @thctlo last edited by

                            @thctlo if i understand correctly. I have uploaded the certificate to webapp. how does this involve with servername inside apache?

                            1 Reply Last reply Reply Quote 0
                            • A Former User
                              A Former User @thctlo last edited by

                              @thctlo

                              it all works except when i mail from the webapp. ?

                              1 Reply Last reply Reply Quote 0
                              • thctlo
                                thctlo last edited by

                                @ckruijntjens,
                                just a check for the servernames and certs, thats was why im asking.

                                The imported smime cert is a p12 (pfx) with the full chain?
                                and/or is the Root cert available on the computer?

                                you could try to verify you cert with gmail.
                                here is an example how. https://gist.github.com/essandess/395446556afea7334826e9df74f85edf
                                just to make sure its not in your certs.

                                A Former User 1 Reply Last reply Reply Quote 0
                                • A Former User
                                  A Former User @thctlo last edited by

                                  @thctlo

                                  Hi its ondead a p12 Pfx certificate. I installed iT on my iPhone and in outlook. If i send mail from these devices all is ok and trusted. Except when sending from webapp. However in webapp i installed the same certificate

                                  1 Reply Last reply Reply Quote 0
                                  • A Former User
                                    A Former User last edited by

                                    Hi,

                                    did you prepare your WebApp as described here: https://documentation.kopano.io/webapp_smime_manual/install_ca.html ?
                                    My S/MIME in WebApp works for me as expected.
                                    .

                                    A Former User 2 Replies Last reply Reply Quote 0
                                    • A Former User
                                      A Former User @Guest last edited by

                                      @walterhof

                                      Yes i have done this. my certificate comes from comodo.

                                      1 Reply Last reply Reply Quote 0
                                      • A Former User
                                        A Former User @Guest last edited by

                                        @walterhof nevermind. i tested some further and it seems that the incoming mailserver does something to the mail from the mailaccount that tels me that the mail is untrusted. if i send to other mailservers all is wel.

                                        1 Reply Last reply Reply Quote 0
                                        • marnoeBT
                                          marnoeBT last edited by

                                          I have the same problem
                                          send via webapp or deskapp works, but the receiver gets the indication that the mail could be manipulated.

                                          via ios it works perfectly and signed correctly.

                                          only clue when sending via web / deskapp is the e-mail header, here are 2 entries for Mime version

                                          ##########

                                          X-Amavis-Alert: BAD HEADER SECTION, Duplicate header field: “MIME-Version”
                                          Subject: TEST
                                          From: " anonymisiert " anonym@anonym.de
                                          To: “anonym@gmail.com” anonym@gmail.com
                                          Date: Fri, 28 Dec 2018 13:13:27 +0000
                                          Mime-Version: 1.0
                                          X-Priority: 3 (Normal)
                                          Message-Id: kcis.ID@anonym
                                          MIME-Version: 1.0
                                          Content-Type: multipart/signed; protocol=“application/x-pkcs7-signature”; micalg=“sha-256”; boundary="----88A2CFE0C5AF6C2296458FD5099A2592"

                                          ------88A2CFE0C5AF6C2296458FD5099A2592
                                          Subject: TEST
                                          From: " anonymisiert " anonym@anonym.de
                                          To: “anonym@gmail.com” anonym@gmail.com
                                          Date: Fri, 28 Dec 2018 13:13:26 +0000
                                          Mime-Version: 1.0
                                          Content-Type: multipart/alternative;
                                          boundary="=_S5y9yi0RKu2v32h4RxMkjB3kCwTUbrgVJBf8rcSRt6UGHFCO"
                                          X-Priority: 3 (Normal)
                                          Message-Id: <kcis.ID.anonym.de>

                                          ########

                                          specifications:
                                          debian9
                                          php-kopano-smime 1.0.00+14.3
                                          kopano-webapp 3.5.1.2067+1139.1
                                          kopano-server 8.7.80.355.acad8ae1e-0+26.1

                                          any ideas or workarounds?

                                          A Former User 1 Reply Last reply Reply Quote 0
                                          • A Former User
                                            A Former User @marnoeBT last edited by

                                            @marnoeBT

                                            nope i also still have the same isue.

                                            1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post