smime webapp kopano

thctlo

i quote @ckruijntjens : When i send an email and sign it from kopano webapp the mail comes in as untrusted

can you post the output of apache2ctl -t -D DUMP_VHOSTS
My guess is you are not using a vhost config like : <VirtualHost 192.168.0.1:443 99.50.10.1:443>
And you internal side is not responding with the correct certificates

A Former User

@thctlo

Hi i use centos. What do i need to do with virtualhost?

A Former User

@thctlo if i understand correctly. I have uploaded the certificate to webapp. how does this involve with servername inside apache?

A Former User

@thctlo

it all works except when i mail from the webapp. ?

thctlo

@ckruijntjens,
just a check for the servernames and certs, thats was why im asking.

The imported smime cert is a p12 (pfx) with the full chain?
and/or is the Root cert available on the computer?

you could try to verify you cert with gmail.
here is an example how. https://gist.github.com/essandess/395446556afea7334826e9df74f85edf
just to make sure its not in your certs.

A Former User

@thctlo

Hi its ondead a p12 Pfx certificate. I installed iT on my iPhone and in outlook. If i send mail from these devices all is ok and trusted. Except when sending from webapp. However in webapp i installed the same certificate

A Former User

Hi,

did you prepare your WebApp as described here: https://documentation.kopano.io/webapp_smime_manual/install_ca.html ?
My S/MIME in WebApp works for me as expected.
.

A Former User

@walterhof

Yes i have done this. my certificate comes from comodo.

A Former User

@walterhof nevermind. i tested some further and it seems that the incoming mailserver does something to the mail from the mailaccount that tels me that the mail is untrusted. if i send to other mailservers all is wel.

marnoeBT

I have the same problem
send via webapp or deskapp works, but the receiver gets the indication that the mail could be manipulated.

via ios it works perfectly and signed correctly.

only clue when sending via web / deskapp is the e-mail header, here are 2 entries for Mime version

##########

X-Amavis-Alert: BAD HEADER SECTION, Duplicate header field: “MIME-Version”
Subject: TEST
From: " anonymisiert " anonym@anonym.de
To: “anonym@gmail.com” anonym@gmail.com
Date: Fri, 28 Dec 2018 13:13:27 +0000
Mime-Version: 1.0
X-Priority: 3 (Normal)
Message-Id: kcis.ID@anonym
MIME-Version: 1.0
Content-Type: multipart/signed; protocol=“application/x-pkcs7-signature”; micalg=“sha-256”; boundary="----88A2CFE0C5AF6C2296458FD5099A2592"

------88A2CFE0C5AF6C2296458FD5099A2592
Subject: TEST
From: " anonymisiert " anonym@anonym.de
To: “anonym@gmail.com” anonym@gmail.com
Date: Fri, 28 Dec 2018 13:13:26 +0000
Mime-Version: 1.0
Content-Type: multipart/alternative;
boundary="=_S5y9yi0RKu2v32h4RxMkjB3kCwTUbrgVJBf8rcSRt6UGHFCO"
X-Priority: 3 (Normal)
Message-Id: <kcis.ID.anonym.de>

########

specifications:
debian9
php-kopano-smime 1.0.00+14.3
kopano-webapp 3.5.1.2067+1139.1
kopano-server 8.7.80.355.acad8ae1e-0+26.1

any ideas or workarounds?

A Former User

@marnoeBT

nope i also still have the same isue.

marnoeBT

Deskapp the same problem.
iOS Mail & Thunderbird works fine

A Former User

@marnoeBT

I thought it was gone but indeed when sending from kopano webapp the mail signature is not trusted. What could be the problem?

A Former User

Any one a solution to this problem? it is pritty anoying.

marty

Please make a support ticket so Kopano support can dive deeper into the issue.

A Former User

@marty

How can i open a ticket. i only use the commercial edition.

A Former User

@marnoeBT

hi did you resolved this problem? i still have the same error

A Former User

@marty

how can we create a ticket?

robing

@ckruijntjens sent a mail to support@kopano.com or use portal.kopano.com to create one