smime webapp kopano
-
Anyone that can help with this?
-
I have had similar experiences with exim as local mailer. See my topic here:
https://forum.kopano.io/topic/1097/s-mime-signed-mails-showing-unsignedWhich MTA do you use?
-
Hi i use Postfix
-
I do not think that that is the problem. If i send from webapp to iPhone or outlook iT is not trusted. But in webapp iT tels me that iT is ok AMD trusted. If i send a mail from my iPhone to Any cliënt iT tells me that it is trusted.
IT seems to be a bug in webapp. Webapp to webapp is ok but webapp to any other cliënt iT is not ok. If i send from any other cliënt but webapp iT is ok
-
When using Postfix as local mailer I have no problems with S/MIME signed messages sending from WebbApp to external. I am using the current final release, not the nightly build.
What I have seen is, that the CA-Root Cert is not included when sending from WebbApp. Outlook includes the full certificate chain in the smime.p7s attachment. Maybe this could make problems with some mail clients.Anybody here who is using S/MIME and can reproduce this?
-
i quote @ckruijntjens : When i send an email and sign it from kopano webapp the mail comes in as untrusted
can you post the output of apache2ctl -t -D DUMP_VHOSTS
My guess is you are not using a vhost config like : <VirtualHost 192.168.0.1:443 99.50.10.1:443>
And you internal side is not responding with the correct certificates -
Hi i use centos. What do i need to do with virtualhost?
-
@thctlo if i understand correctly. I have uploaded the certificate to webapp. how does this involve with servername inside apache?
-
it all works except when i mail from the webapp. ?
-
@ckruijntjens,
just a check for the servernames and certs, thats was why im asking.The imported smime cert is a p12 (pfx) with the full chain?
and/or is the Root cert available on the computer?you could try to verify you cert with gmail.
here is an example how. https://gist.github.com/essandess/395446556afea7334826e9df74f85edf
just to make sure its not in your certs. -
Hi its ondead a p12 Pfx certificate. I installed iT on my iPhone and in outlook. If i send mail from these devices all is ok and trusted. Except when sending from webapp. However in webapp i installed the same certificate
-
Hi,
did you prepare your WebApp as described here: https://documentation.kopano.io/webapp_smime_manual/install_ca.html ?
My S/MIME in WebApp works for me as expected.
. -
@walterhof
Yes i have done this. my certificate comes from comodo.
-
@walterhof nevermind. i tested some further and it seems that the incoming mailserver does something to the mail from the mailaccount that tels me that the mail is untrusted. if i send to other mailservers all is wel.
-
I have the same problem
send via webapp or deskapp works, but the receiver gets the indication that the mail could be manipulated.via ios it works perfectly and signed correctly.
only clue when sending via web / deskapp is the e-mail header, here are 2 entries for Mime version
##########
X-Amavis-Alert: BAD HEADER SECTION, Duplicate header field: “MIME-Version”
Subject: TEST
From: " anonymisiert " anonym@anonym.de
To: “anonym@gmail.com” anonym@gmail.com
Date: Fri, 28 Dec 2018 13:13:27 +0000
Mime-Version: 1.0
X-Priority: 3 (Normal)
Message-Id: kcis.ID@anonym
MIME-Version: 1.0
Content-Type: multipart/signed; protocol=“application/x-pkcs7-signature”; micalg=“sha-256”; boundary="----88A2CFE0C5AF6C2296458FD5099A2592"------88A2CFE0C5AF6C2296458FD5099A2592
Subject: TEST
From: " anonymisiert " anonym@anonym.de
To: “anonym@gmail.com” anonym@gmail.com
Date: Fri, 28 Dec 2018 13:13:26 +0000
Mime-Version: 1.0
Content-Type: multipart/alternative;
boundary="=_S5y9yi0RKu2v32h4RxMkjB3kCwTUbrgVJBf8rcSRt6UGHFCO"
X-Priority: 3 (Normal)
Message-Id: <kcis.ID.anonym.de>########
specifications:
debian9
php-kopano-smime 1.0.00+14.3
kopano-webapp 3.5.1.2067+1139.1
kopano-server 8.7.80.355.acad8ae1e-0+26.1any ideas or workarounds?
-
nope i also still have the same isue.
-
Deskapp the same problem.
iOS Mail & Thunderbird works fine -
I thought it was gone but indeed when sending from kopano webapp the mail signature is not trusted. What could be the problem?
-
Any one a solution to this problem? it is pritty anoying.
-
Please make a support ticket so Kopano support can dive deeper into the issue.