Eric typed: > are the certs of those people true/trusted and the CA for those > certs trusted as well?
It seems to be less straight forward than that. Nearly all of my S/MIME contacts use one of Thawte's certificates. When I initially checked my settings, the Thawte intermediate CA's had no trust settings at all, so I set them appropriately. Still no joy. I then sent a test mail to a work account of mine with a certificate issued internally. That CA isn't trusted, but the e-mail was encrypted ok. When I view "Other People's" certificates, and I select the "Edit" button - every single certificate shown claims that the CA is *not* trusted. Yet if I click on "Edit CA Trust", the CA is shown as being trusted for mail users (and sometimes more). I have even specifically trusted the end user certificate for the people I am trying to e-mail, and I still cannot encrypt a mail to them. I then tried another contact, signed by the same CA. That message was sent no problem, encrypted as expected. Perversely, that persons certificate had expired. The last encrypted e-mail I sent to the person I'm trying to get in touch with was on the morning before I installed 0.9.9. OK - so I just removed 0.9.9 and re-installed 0.9.8. I notice that the CA's are now marked as trusted if I view settings via "Other People's", yet I still could not encrypt. Then I noticed that the uninstall / install had removed one of my personal certificates. Annoying, but luckily I had backed them up!!! Re-installing that certificate, and I'm back to normal, I can encrypt a message to my contacts. Now, having removed 0.9.8, and re-installed 0.9.9, I cannot encrypt to my contacts again. Although the CA is now showing as being trusted, I cannot encrypt no matter if I sent the trust settings explicitly for the "other person" to trust or even don't trust. Something's broke. (And finally, I went back to the cert manager for one more check, and the CA's that were showing as being trusted just 30 seconds ago, are now being shown as not trusted!!!) - Dave.
