Mail: Unable to decrypt message

Discussion in 'macOS' started by kainjow, Nov 26, 2007.

  1. kainjow Moderator emeritus

    Joined:
    Jun 15, 2000
    #1
    I upgraded to Leopard a few days ago and copied over my keychain items and I've been able to read and send encrypted messages. However, just randomly, today I am not able to read encrypted messages. I got a new certificate and am now able to send encrypted messages to others and read my own encrypted messages, but I cannot read encrypted messages from anyone else. I have their certificates in my Keychain (from signed messages) so it seems like I should be able to. I have another "fresher" copy of Leopard that I used to see if I'm missing any other certificates, but I think I'm up to date.

    So how do I get it back so I can read these encrypted messages? I've been trying everything I can think of.
     
  2. vanmacguy macrumors 6502a

    Joined:
    Aug 13, 2007
    Location:
    Not where you live.
    #2
    From what I know about encryption (and I know nothing about how Mail and Leopard use it), 'things' are encrypted for you specifically, using a public key that you generate and send to people. When you generate this key, it also generates a private key that you keep. But the public and private keys need each other.

    If they have encrypted things for you and send them to you, and you've changed your private key, you won't be able to see them as they're encrypted for your old key.

    This is how encryption works generally; as I mentioned above, I don't know how it's used in Mail or Leopard.

    So if it's used in a different way than I specified, please ignore this.

    Cheers.
     
  3. kainjow thread starter Moderator emeritus

    Joined:
    Jun 15, 2000
    #3
    I added my old public cert back to the keychain and it still doesn't work. I get emails that are encrypted and sent to multiple people so I don't think they are tied to one specific person, but I could be wrong.
     
  4. vanmacguy macrumors 6502a

    Joined:
    Aug 13, 2007
    Location:
    Not where you live.
    #4
    As I mentioned above though, encryption is based on two keys, Public and Private. You'll need to somehow get the old key pair back. And thinking about it, I don't know that even then it would work.

    The best thing you can do is to generate a new set of keys, distribute your public key and start to use it from fresh. As far as the messages that you have already, you'll have to get the sender to send them again.

    Just from interest, why are you using encryption in the first place? Is the data sensitive or are you just being careful?

    Cheers.
     
  5. kainjow thread starter Moderator emeritus

    Joined:
    Jun 15, 2000
    #5
    Yeah, I generated a new one, and new emails sent to me from people who have the new public cert work fine. I guess those old ones are lost forever. I tried to use Firefox to download the original cert (got it from Thawte) but Firefox says something about how I don't have the private key; I thought the private key would be included in the download. Oh well.

    I use it mainly because the client I work with wants to be able to send signed messages.
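
The situation discussed in posts #2 to #5, reproduced as an added example that is not part of the original thread: an S/MIME message encrypted to several recipients can be opened by each of them, but only with the private key that matches the certificate it was encrypted to. It assumes the `openssl` command-line tool is installed; the `old`, `new` and `colleague` identities and the message are constructed throwaway values.

```shell
#!/bin/sh
# Added demo. Every key, certificate and message below is constructed locally.
# Assumes the openssl command-line tool is installed.

smime_demo() {
    d=$(mktemp -d) || return 1
    result=""

    # Three throwaway self-signed identities: the recipient's old and new
    # certificates, plus a second recipient on the same message.
    for id in old new colleague; do
        openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
            -subj "/CN=$id/emailAddress=$id@example.test" \
            -keyout "$d/$id.key" -out "$d/$id.crt" 2>/dev/null || return 1
    done

    # The sender encrypts one message to two recipients. Only their public
    # certificates are needed. -binary keeps line endings unchanged so the
    # decrypted output can be compared byte for byte.
    printf 'constructed test message\n' > "$d/msg.txt"
    openssl smime -encrypt -binary -aes256 \
        -in "$d/msg.txt" -out "$d/msg.p7m" \
        "$d/old.crt" "$d/colleague.crt" || return 1

    # Each identity tries to decrypt with its own certificate and private key.
    for id in old colleague new; do
        if openssl smime -decrypt -in "$d/msg.p7m" \
               -recip "$d/$id.crt" -inkey "$d/$id.key" \
               -out "$d/$id.out" 2>/dev/null &&
           cmp -s "$d/msg.txt" "$d/$id.out"; then
            status=ok
        else
            status=fail
        fi
        result="${result:+$result }$id=$status"
    done

    rm -rf "$d"
    echo "$result"
}

smime_demo   # old=ok colleague=ok new=fail
```

The `new` identity fails because the message contains no recipient entry for its certificate; having the `old` public certificate on hand without `old.key` would fail the same way.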
     