Mail - certificate encryption and signing

Discussion in 'Mac Apps and Mac App Store' started by MK16, Mar 11, 2015.

  1. MK16, Mar 11, 2015
    Last edited: Mar 11, 2015

    MK16 macrumors newbie

    Joined:
    Mar 11, 2015
    Location:
    Slovakia, Czech Republic
    #1
    Hi,

    I recently downloaded a certificate that I want to use in my Mail app. I imported it into the Keychain and set the parameter to Always trust this certificate.
    According to many online guides I was supposed to see it in a drop list in Mail->Preferences->Accounts->TLS Certificate.
    But all I can see there is one apple certificate and not the one I want. This one is listed in My Certificates section in Keychain (the one iI want is not in this section and I did not find a way to place it to this section).
    I use Gmail accounts.

    Anyone has any experience with this? :confused:
    Thanks,
    Martin

    (I use Yosemite on rMBP13, all up to date)
     
  2. OcelotWreak macrumors member

    OcelotWreak

    Joined:
    Jul 20, 2011
    Location:
    Canada
    #2
    If you open up your cert in your Keychain app so you can examine all the fields of the cert, is the certificate usage field set to be used for "signing" and "encryption"? Is the ID field exactly the same as your Gmail email address? (You said you use Gmail.) Where did you "download" it from and how was it generated?
     
  3. MK16, Mar 12, 2015
    Last edited: Mar 12, 2015

    MK16 thread starter macrumors newbie

    Joined:
    Mar 11, 2015
    Location:
    Slovakia, Czech Republic
    #3
    Its usage is: Encrypt, Verify, Wrap, Derive; so it should be able to encrypt.

    No, the ID is not the same. However I did try to create the New Certificate Preference and put my gmail address there, yet it did not seem to work either.

    I got it from: http://pki.cesnet.cz; as to how it was generated, I can only say I used my university account to sign in and request one. I am no expert in cryptography.
    -----------
    I made some progress, I managed to download the certificate to one browser (Firefox), then export it into .p12 format and then I imported it into my keychain again. Now I was able to select it in mail as TLS certificate for particular email address, but I still don't see a way to encrypt the specific message
    -----------
    Solved. Thanks
     

Share This Page