[MlMt] Missing intermediate certificate(s) for S/MIME message.
esharakan at gmail.com
Wed Jun 24 09:15:02 EDT 2020
On 23 Jun 2020, at 14:35, Bill Cole wrote:
> On 23 Jun 2020, at 12:38, Eric Sharakan wrote:
>> And to the right are two buttons: "Show Details" and "Allow Network
>> Fetch". I understand the first button, but what exactly does "Allow
>> Network Fetch" do? I clicked it but it didn't seem to have any
> Nearly all certs these days are not signed directly by 'root' certs
> but instead by an intermediate cert. In *some* cases it is possible to
> retrieve a needed intermediate cert based on information in the
> end-user cert. The retrieved intermediate cert itself can have its own
> problems that break verification, such as simple expiration or the use
> of obsolete weak algorithms, or it can itself be signed by an unknown
> cert rather than by a trusted root.
> It should be possible to determine what the problem is by using the
> "Show Details" button.
Okay thanks. It turns out I deleted the mail in question, and had not
clicked the "Show Details" button after clicking "Allow Network Fetch".
What I did notice is that the "Allow Network Fetch" remained available
and active, and the warning about missing intermediate certs remained,
so I assume MM was unable to retrieve the intermediate Cert.
The lack of feedback of any kind that clicking "Allow Network Fetch"
actually did anything is not ideal; can this be addressed Benny?
BTW, I remember the intermediate cert was from a CA named "PostSignum CA
4" (apparently from www.postsignum.cz). Any folks on this list familiar
with this CA? Is it safe to install their certs on my Mac (I have
several folks in the Czech Republic with whom I correspond)?
> Bill Cole
> bill at scconsult.com or billcole at apache.org
> (AKA @grumpybozo and many *@billmail.scconsult.com addresses)
> Not For Hire (currently)
> mailmate mailing list
> mailmate at lists.freron.com
More information about the mailmate