[MlMt] S/MIME and OpenPGP issues

Sebastian Hagedorn Hagedorn at uni-koeln.de
Thu Jan 7 10:32:58 EST 2021


On 7 Jan 2021, at 14:49, Benny Kjær Nielsen wrote:

> 2021-01-07 13:07:17.274425+0100  localhost MailMate[39607]: (Security) Created Activity ID: 0x8641c, Description: SecKeychainSearchCreateFromAttributes
> 2021-01-07 13:07:17.275346+0100  localhost MailMate[39607]: (Security) Created Activity ID: 0x8641d, Description: SecKeychainSearchCopyNext
> 2021-01-07 13:07:17.275713+0100  localhost MailMate[39607]: (Security) [com.apple.securityd:security_exception] CSSM Exception: -2147413737 CSSMERR_DL_DATASTORE_DOESNOT_EXIST
> 2021-01-07 13:07:17.275826+0100  localhost MailMate[39607]: (Security) [com.apple.securityd:integrity] dbBlobVersion() failed for a non-existent database
> 2021-01-07 13:07:17.276234+0100  localhost MailMate[39607]: (Security) [com.apple.securityd:security_exception] CSSM Exception: -2147413737 CSSMERR_DL_DATASTORE_DOESNOT_EXIST
>
> But I have no idea what `CSSMERR_DL_DATASTORE_DOESNOT_EXIST` means. Googling seems to indicate that it might be related to an empty/faulty keychain. Maybe see if anything in Keychain Access seems out of the ordinary.

Thanks, I already did. There was an empty keychain called Microsoft_Intermediate_Certificates that I removed. There is another empty one that’s called accountsKeychainExport, but apparently that one cannot be deleted.

But it’s clearly a local issue on that specific Mac, because I copied all settings to a different Mac. S/MIME signing works there, but there’s a different issue: MailMate picks an expired certificate. The problem is that you need to keep expired certificates around if you want to be able to decrypt older mails. I verified that the current certificate is in the keychain. For some reason MailMate picks the wrong one.
I tried to set the certificate using Security.plist. This line looks as if that worked:

Setup (S/MIME) mapping of address “Hagedorn at uni-koeln.de” to serial: “2379AD18EB0F7DADF38A62DF”

… and it did! I will experiment some more and let you know if U can get this resolved.
-- 
   .:.Sebastian Hagedorn - Weyertal 121 (Gebäude 133), Zimmer 2.02.:.
                .:.Regionales Rechenzentrum (RRZK).:.
  .:.Universität zu Köln / Cologne University - ✆ +49-221-470-89578.:.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 213 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freron.com/pipermail/mailmate/attachments/20210107/1469acce/attachment-0001.sig>


More information about the mailmate mailing list