Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [smime]

S/MIME is a protocol for signing and/or encrypting emails using certificates

34 questions
7
votes
3 answers

Outlook Encrypted Emails boo boo

I just reinstalled my Windows OS 7 and forgot to backup my Email Certificate for Outlook 2010 beforehand. Now I can't read any encrypted emails. When I try, it says "Cannot open this item. Your Digital ID name cannot be found by the underlying…
Christian
  • 746
  • 3
  • 13
  • 30
7
votes
2 answers

Can I configure mailman so that it won't break S/MIME digital signatures?

We're currently using Mailman as a mailing list manager. Mailman modifies the content of mail messages. The problem is that some of our users are sending digitally signed messages and the modification makes the signature break. I've seen this…
vy32
  • 2,018
  • 1
  • 15
  • 20
5
votes
1 answer

How do I configure AD CS to support Name Constraints (4.2.1.11 in RFC 2459)?

I am trying to figure out how to do Qualified Subordination with the critical extension set, but I'm unable to figure out how to do this in MSFT AD CS. For a given certificate, how do I make sure that the name constraints are set appropriately on…
makerofthings7
  • 8,821
  • 28
  • 115
  • 196
5
votes
3 answers

Is there a way to make encryption default per contact in Thunderbird?

I administer several computers that have Thunderbird installed. I know Thunderbird has an option to require all email to be encrypted. However, I would like a way to allow unencrypted email normally, but require encrypted email to certain…
Daniel
  • 251
  • 3
  • 12
4
votes
1 answer

Smart Card S/MIME with Exchange 2013

I have an Exchange 2013 environment that I'm trying to implement S/MIME with smart cards. To the best of my knowledge, and the little help I have received on TechNet, I have configured my Exchange server correctly. I have installed the S/MIME…
wolfenstein87
  • 41
  • 2
4
votes
2 answers

Is it generally acceptable to expose LDAP in read only mode to the Internet?

I need to support Mac clients who need to access a LDAP server to locate SMIME keys. Since the keys are already in AD, and it's easy for me to create a RODC or read only forest where I push the certificates to, is it acceptable to expose…
makerofthings7
  • 8,821
  • 28
  • 115
  • 196
2
votes
1 answer

AD Certificate template - Enroll on behalf of

I'm trying to setup S/MIME for a few users, which requires certificates. I'm not using smartcards, and not using autoenrollment for these certificates. Server is running 2012R2. I created a template that works fine when I manually request a…
Grant
  • 17,671
  • 14
  • 69
  • 101
2
votes
1 answer

S/MIME: signed mails with disclaimer from mail filter/mailscanner?

We have a Mailscanner, which scans incoming and outgoing mails and add a small disclaimer (Mail was checked for Viruses... bla bla bla). So far i can add a disclaimer without signing the mail, or sign emails without adding the disclaimer. Is there a…
fips123
  • 361
  • 1
  • 5
  • 16
2
votes
0 answers

Are External LDAP referrals similar to a DNS Recursive or non recursive entry?

I'm very familiar with DNS, but less so with LDAP. In DNS I have the ability to delegate the CPU and IO load of referral chasing a given DNS query... or I can set norecurse and have the client perform those tasks (or not recurse at all) My goal is…
makerofthings7
  • 8,821
  • 28
  • 115
  • 196
2
votes
1 answer

Sign outgoing mails automatically with postfix (S/MIME)

I want to sign outgoing mails automatically with postfix. I've found a script and integrated it into postfix. That works mostly like expected, but it has two bugs and I hope you can help me to fix…
user2626702
  • 113
  • 2
  • 2
  • 9
2
votes
2 answers

How can I confirm which specific S/MIME public key was used to encrypt an email?

CentOS 5.8 Is there an easy way to tell what specific public key was used to encrypt an email? My email gateway isn't able to decrypt an inbound S/MIME message and I'm suspecting that the remote sender may have used an obsolete public key that is…
Mike B
  • 11,570
  • 42
  • 106
  • 165
2
votes
0 answers

mutt, smime, decrypt with one of two different keys

This is an odd one. We want to have an encrypted e-mail list. There are a few ways to do this, but in the interim what we've done is created a public/private keypair via openssl for our e-mail list (list@foo.org) and then distributed the…
munin
  • 121
  • 1
2
votes
2 answers

Any web email providers that support sending and receiving S/MIME encrypted email?

Can anyone suggest a webmail provider (like gmail, Yahoo mail, hotmail, etc.) that supports S/MIME encrypted email well? Both sending and receiving email and obviously keeping track of the encryption keys for contacts. I haven't found one yet that…
Scott Bussinger
  • 1,761
  • 4
  • 23
  • 27
2
votes
0 answers

Which clients support self-signed certificates with DANE?

We've been considering to make more use of DANE as a decentralised authority for our certificates. Especially with S/MIME. However, the key obstacle is... how widely are DANE treated as an authority with mail clients? Is there a list with all the…
Haneef Ibn Ahmad
  • 21
  • 1
  • 5
1
vote
1 answer

Email signing using commercial SSL certificate

I am considering securing my work environment with certificates and thus have a couple of questions. My Active Directory domain is domain.com. If I buy a commercial wildcard SSL certificate from i.e. COMODO is it possible to create S/MIME user…
badboy
  • 81
  • 6
1
2 3