2014. március 26., szerda

New S/MIME certificate into Mozilla Thunderbird install success

I had quite a struggle to make my secure email working in Mozilla Thunderbird the other day. Firstly, I had to sign and install the certificate in the browser as suggested by CaCert's knowledgebase article. Thankfully, I possess 100 assurance points in CaCert Community which means I am certified to sign web and email certificates. So I created a client certificate to my email address and installed it into my Firefox browser. This placed it on the keystore under Tools -> Options -> Advanced -> Certificates -> View Certificates, under the 'Your Certificates' section. The next step would be to insert it into Thunderbird to be able to use it, but that required a PKCS #12 bundled file format (Personal Information Exchange), which includes the key. To obtain that format from my certificate, I had to back up the key from the keystore in FF. This resulted in a .p12 certificate file as shown on the picture. Note the little brown-yellow key on the envelope! That means it's a secure certificate file containing the key.

Then, I could import into Thunderbird using the Import menu in the certificate manager. I finally managed to figure it out. Now I am able to digitally sign my email messages using the S/MIME signature. The Certificate Authority was used to issue the certificate is CaCert a.k.a. 'Root CA' in the keystore.

This means that the emails I will send digitally signed will make sure my identity is verified and the message's content free from tampering or alteration while it reaches the recipient. The link on superuser.com contains my contribution to the community in relation to the matter. 

Happy email signing and stay secure!

Nincsenek megjegyzések: