| 1 |
On Sunday 20 May 2007 13:53, Jure Varlec wrote: |
| 2 |
> On Sunday 20 of May 2007 13:24:09 Mick wrote: |
| 3 |
> > Hi All, |
| 4 |
> > |
| 5 |
> > I am trying to get to grips with OpenSSL Certs in Kmail. I have created |
| 6 |
> > a CA and then created and signed with it a certificate for my email |
| 7 |
> > account (crt). Finally, I exported it as a pkcs12 bundle and tried to |
| 8 |
> > import it as smime into Konqueror & Kmail. All went seemingly well, |
| 9 |
> > except for: |
| 10 |
> > |
| 11 |
> > 1. When I tried to specify which cert to use in |
| 12 |
> > Kmail/Indentity/Cryptography I can see my imported Cert, but as I select |
| 13 |
> > it a red X comes up on the key symbol. I assume then that it is not |
| 14 |
> > suitable for smime |
| 15 |
> > signatures/encryption? |
| 16 |
> > 2. When I run gpgsm -K I get: |
| 17 |
> > =========================================== |
| 18 |
> > [snip] |
| 19 |
> > validity: 2007-05-19 18:12:12 through 2010-05-18 18:12:12 |
| 20 |
> > key type: 4096 bit RSA |
| 21 |
> > key usage: [error: No value] |
| 22 |
> > chain length: [error: No value] |
| 23 |
> > =========================================== |
| 24 |
> > |
| 25 |
> > which is different to another certificate I have obtained from |
| 26 |
> > www.cacert.org: =========================================== |
| 27 |
> > validity: 2007-04-23 13:49:42 through 2007-10-20 13:49:42 |
| 28 |
> > key type: 2048 bit RSA |
| 29 |
> > ext key usage: emailProtection (suggested), clientAuth (suggested), |
| 30 |
> > 1.3.6.1.4.1.311.10.3.4 (suggested), serverGatedCrypto.ms (suggested), |
| 31 |
> > serverGatedCrypto.ns (suggested) |
| 32 |
> > =========================================== |
| 33 |
> > |
| 34 |
> > Any ideas what I need to do to make this certificate valid for use by |
| 35 |
> > Kmail? |
| 36 |
> > |
| 37 |
> > PS. I am not sure if the above errors mean that there is anything wrong |
| 38 |
> > with my certificate, as opposed to Kmail & Kleopatra. Any certificate |
| 39 |
> > signed messages that I receive are not verified in Kmail - all I get is: |
| 40 |
> > ==================================================== |
| 41 |
> > Not enough information to check signature. [Details] |
| 42 |
> > |
| 43 |
> > Status: No status information available. |
| 44 |
> > ==================================================== |
| 45 |
> > |
| 46 |
> > If I press on [Details] Kleopatra pops up showing my cert. Selecting |
| 47 |
> > Verify just shows "done". |
| 48 |
> > |
| 49 |
> > Have you managed to make smime work with Kmail at all? |
| 50 |
> |
| 51 |
> Hello |
| 52 |
> |
| 53 |
> Heh, I dealt with a similar problem about a week ago. I'm not sure I'll |
| 54 |
> ever understand all these certificate issues that seem to crop up on just |
| 55 |
> about all platforms I ever used. |
| 56 |
> |
| 57 |
> As, for the solution, it seem Kleopatra wants app-crypt/dirmngr, emerging |
| 58 |
> it solved my problem. I'm not sure why relevant KDE apps don't depend on |
| 59 |
> it. |
| 60 |
|
| 61 |
Thanks Jure, I'm afraid it didn't help in my case. :( |
| 62 |
|
| 63 |
When I try to sign a message with my cacert.org certificate it fails |
| 64 |
with: "Signing failed: General error". Adding my selfsigned certificate also |
| 65 |
fails (but his may have something to do with the way I generated the |
| 66 |
certificate, rather than Kmail). This is sooo complicated compared to GnuPG. |
| 67 |
|
| 68 |
Anything else I could try? |
| 69 |
-- |
| 70 |
Regards, |
| 71 |
Mick |
Archives