Hello,
OS and RT4 Info:
Debian GNU/Linux 7 (wheezy)
Apache/2.2.22 (Debian)
PHP 5.5.26-1~dotdeb+7.4
Request Tracker 4.2.11
I am attempting to configure S/MIME support in my RT4 instance, and I have
every piece working other than the verification of signatures on incoming
email. Signing outbound emails is working perfectly, and signatures are
processed on incoming mail as well. However, all signatures are being shown
as untrusted, with a message such as this: "SMIME: The signature is good,
signed by "Zoey Schutt" , trust is none".
Similarly, the keys and certificates I have loaded to sign outgoing messages
are showing as issued by blank, such as this one:
SMIME key '"Zoey Schutt" <webmas...@braincoral.io> (issued by )'
Fingerprint:
76c140826f39d9d66ae4dc40328c0f23c177d0ca
Created:
Mon Jul 06 2015
Expire:
Thu Jul 06 2017
User:
"Zoey Schutt" <webmas...@braincoral.io>
All of the keys I have been using to test this are valid and certified by
StartCom Class 2. My configuration is as such:
Set(@MailPlugins, 'Auth::MailFrom', 'Auth::Crypt');
Set(%SMIME,
Enable => 1,
OpenSSL => 'openssl',
Keyring => q{var/data/smime},
CAPath => '/opt/rt4/var/data/smime-roots',
AcceptUntrustedCAs => 1,
Passphrase => {
'webmas...@braincoral.io' => 'REMOVED',
'supp...@braincoral.io' => 'REMOVED',
'' => 'fallback',
},
);
Set(%Crypt,
Incoming => ['SMIME', 'GnuPG'],
Outgoing => 'SMIME',
RejectOnUnencrypted => 0,
RejectOnMissingPrivateKey => 1,
RejectOnBadData => 1,
AllowEncryptDataInDB => 0,
Dashboards => {
Encrypt => 0,
Sign => 0,
},
);
I have attached a list of the contents of var/data/smime-roots to a text
file on this email. The contents are just a copy of the /etc/ssl/certs
directory of my server, with c_rehash run on it. I have tried the
configuration with a trailing slash and without on CAPath, and neither have
worked.
Any assistance would be greatly appreciated!
Regards,
Zoey Schutt
Braincoral Technology
00673b5b.0 55a10908.0 9d6523ce.0
ccc52f49.0
GeoTrust_Global_CA.pem
024dc131.0 5620c4aa.0 9dbefe7b.0
cd58d51e.0
GeoTrust_Primary_Certification_Authority_-_G2.pem
02b73561.0 56657bde.0 9ec3a561.0
cdaebb72.0
GeoTrust_Primary_Certification_Authority_-_G3.pem
034868d6.0 56b8a0b6.0 9f533518.0
Certigna.pem
GeoTrust_Primary_Certification_Authority.pem
039c618a.0 56e29e75.0 9f541fb4.0
Certinomis_-_Autorité_Racine.pem
GeoTrust_Universal_CA_2.pem
052e396b.0 57692373.0 a0bc6fbb.0
Certplus_Class_2_Primary_CA.pem
GeoTrust_Universal_CA.pem
062cdee6.0 578d5c04.0 a15b3b6b.0
certSIGN_ROOT_CA.pem
Global_Chambersign_Root_-_2008.pem
080911ac.0 57bbd831.0 a2df7ad7.0
Certum_Root_CA.pem
GlobalSign_Root_CA.pem
0810ba98.0 57bcb2da.0 a3896b44.0
Certum_Trusted_Network_CA.pem
GlobalSign_Root_CA_-_R2.pem
08aef7bb.0 58a44af1.0 a5fd78f0.0
cf701eeb.0
GlobalSign_Root_CA_-_R3.pem
09789157.0 590d426f.0 a6a593ba.0
cfa1c2ee.0
Go_Daddy_Class_2_CA.pem
0b759015.0 592c0a9a.0 a7605362.0
Chambers_of_Commerce_Root_-_2008.pem
Go_Daddy_Root_Certificate_Authority_-_G2.pem
0ba01d19.0 594f1775.0 a760e1bd.0
China_Internet_Network_Information_Center_EV_Certificates_Root.pem
GTE_CyberTrust_Global_Root.pem
0c4c9b6c.0 5a3f0ff8.0 a7d2cf64.0
CNNIC_ROOT.pem
Hellenic_Academic_and_Research_Institutions_RootCA_2011.pem
0d188d89.0 5a5372fc.0 a8dee976.0
Comodo_AAA_Services_root.pem
Hongkong_Post_Root_CA_1.pem
0d1b923b.0 5ad8a5d6.0 a94d09e5.0
COMODO_Certification_Authority.pem
IGC_A.pem
0dad9736.0 5c44d531.0 ab5346f4.0
COMODO_ECC_Certification_Authority.pem
Izenpe.com.pem
10531352.0 5cd81ad7.0 ACCVRAIZ1.pem
Comodo_Secure_Services_root.pem
Juur-SK.pem
111e6273.0 5cf9d536.0 ACEDICOM_Root.pem
Comodo_Trusted_Services_root.pem
Microsec_e-Szigno_Root_CA_2009.pem
116bf586.0 5e4e69e7.0 AC_RaÃz_Certicámara_S.A..pem
ComSign_CA.pem
Microsec_e-Szigno_Root_CA.pem
119afc2e.0 5ed36f99.0 Actalis_Authentication_Root_CA.pem
ComSign_Secured_CA.pem
NetLock_Arany_=Class_Gold=_FÅtanúsÃtvány.pem
11f154d6.0 5f15c80c.0 ad088e1d.0
Cybertrust_Global_Root.pem
NetLock_Business_=Class_B=_Root.pem
124bbd54.0 5f267794.0 add67345.0
d06393bb.0
NetLock_Express_=Class_C=_Root.pem
128805a3.0 5f47b495.0 AddTrust_External_Root.pem
d16a5865.0
NetLock_Notary_=Class_A=_Root.pem
12d55845.0 60afe812.0 AddTrust_Low-Value_Services_Root.pem
d4dae3dd.0
NetLock_Qualified_=Class_QA=_Root.pem
157753a5.0 635ccfd5.0 AddTrust_Public_Services_Root.pem
d537fba6.0
Network_Solutions_Certificate_Authority.pem
1636090b.0 63a2c897.0 AddTrust_Qualified_Certificates_Root.pem
d59297b8.0
OISTE_WISeKey_Global_Root_GA_CA.pem
1676090a.0 6410666e.0 ae8153b9.0
d64f06f3.0
PSCProcert.pem
17b51fe6.0 653b494a.0 ae8153b9.1
d66b55d9.0
QuoVadis_Root_CA_2.pem
1874d4aa.0 656b3e35.0 aeb67534.0
d7746a63.0
QuoVadis_Root_CA_3.pem
18856ac4.0 65b876bd.0 aee5f10d.0
d78a75c7.0
QuoVadis_Root_CA.pem
1dac3003.0 667c66d4.0 AffirmTrust_Commercial.pem
d7e8dc79.0
Root_CA_Generalitat_Valenciana.pem
1dcd6f4c.0 67495436.0 AffirmTrust_Networking.pem
d853d49e.0
RSA_Root_Certificate_1.pem
1df5a75f.0 67d559d1.0 AffirmTrust_Premium_ECC.pem
d957f522.0
RSA_Security_2048_v3.pem
1e09d511.0 69105f4f.0 AffirmTrust_Premium.pem
d9d12c58.0
Secure_Global_CA.pem
1e1eab7c.0 6b99d060.0 America_Online_Root_Certification_Authority_1.pem
db61be14.0
SecureSign_RootCA11.pem
1e8e7201.0 6cc3c4c3.0 America_Online_Root_Certification_Authority_2.pem
dbc54cab.0
SecureTrust_CA.pem
1eb37bdf.0 6e52cc39.0 ApplicationCA_-_Japanese_Government.pem
dc45b0bd.0
Security_Communication_EV_RootCA1.pem
1ec4d31a.0 6e8bf996.0 Atos_TrustedRoot_2011.pem
ddc328ff.0
Security_Communication_RootCA2.pem
201cada0.0 6f2c1157.0 A-Trust-nQual-03.pem
Deutsche_Telekom_Root_CA_2.pem
Security_Communication_Root_CA.pem
20d096ba.0 6fcc125d.0
Autoridad_de_Certificacion_Firmaprofesional_CIF_A62634068.pem
DigiCert_Assured_ID_Root_CA.pem
SG_TRUST_SERVICES_RACINE.pem
21855f49.0 706f604c.0 b097d71d.0
DigiCert_Global_Root_CA.pem
Sonera_Class_1_Root_CA.pem
219d9499.0 72f369af.0 b0ed035a.0
DigiCert_High_Assurance_EV_Root_CA.pem
Sonera_Class_2_Root_CA.pem
2251b13a.0 72fa7371.0 b0f3e76e.0
Digital_Signature_Trust_Co._Global_CA_1.pem
spi-ca-2003.pem
23f4c490.0 74c26bd0.0 b1159c4c.0
Digital_Signature_Trust_Co._Global_CA_3.pem
spi-cacert-2008.pem
244b5494.0 755f7420.0 b13cc6df.0
DST_ACES_CA_X6.pem
ssl-cert-snakeoil.pem
24ad0b63.0 75680d2e.0 b1b8a7f3.0
DST_Root_CA_X3.pem
Staat_der_Nederlanden_Root_CA_-_G2.pem
27af790d.0 7651b327.0 b204d74a.0
D-TRUST_Root_Class_3_CA_2_2009.pem
Staat_der_Nederlanden_Root_CA.pem
2ab3b959.0 7651b327.1 b42ff584.0
D-TRUST_Root_Class_3_CA_2_EV_2009.pem
Starfield_Class_2_CA.pem
2ae6433e.0 76579174.0 b66938e9.0
e113c810.0
Starfield_Root_Certificate_Authority_-_G2.pem
2afc57aa.0 7672ac4b.0 b6c5745d.0
e268a4c5.0
Starfield_Services_Root_Certificate_Authority_-_G2.pem
2b349938.0 76cb8f92.0 b727005e.0
e2799e36.0
StartCom_Certification_Authority_2.pem
2c543cd1.0 76faf6c0.0 b7a5b843.0
e36a6752.0
StartCom_Certification_Authority_G2.pem
2d9dafe4.0 778e3cb0.0 b7db1890.0
e48193cf.0
StartCom_Certification_Authority_MAN.pem
2e4eed3c.0 790a7190.0 b7e7231a.0
e536d871.0
StartCom_Certification_Authority.pem
2e5ac55d.0 7999be0d.0 b872f2b4.0
e5662767.0
S-TRUST_Authentication_and_Encryption_Root_CA_2005_PN.pem
2edf7016.0 79ad8b43.0 b8e83700.0
e60bf0c0.0
Swisscom_Root_CA_1.pem
2fa87019.0 7a481e66.0 ba89ed3b.0
e775ed2d.0
Swisscom_Root_CA_2.pem
2fb1850a.0 7a819ef2.0 bad35b78.0
e7b8d656.0
Swisscom_Root_EV_CA_2.pem
33815e15.0 7d0b38bd.0 Baltimore_CyberTrust_Root.pem
e8651083.0
SwissSign_Gold_CA_-_G2.pem
33815e15.1 7d3cd826.0 bb2d49a0.0
e8de2f56.0
SwissSign_Platinum_CA_-_G2.pem
343eb6cb.0 7d453d8f.0 bc3f2570.0
ea169617.0
SwissSign_Silver_CA_-_G2.pem
349f2832.0 7d5a75e4.0 bcdd5959.0
eacdeb40.0
Taiwan_GRCA.pem
3513523f.0 812e17de.0 bd1910d4.0
eb375c3e.0
TC_TrustCenter_Class_2_CA_II.pem
381ce4dd.0 8160b96c.0 bda4cc84.0
EBG_Elektronik_Sertifika_Hizmet_SaÄlayıcısı.pem
TC_TrustCenter_Class_3_CA_II.pem
399e7759.0 81b9768f.0 bdacca6f.0
ec87c655.0
TC_TrustCenter_Universal_CA_I.pem
3a3b02ce.0 82223c44.0 bf64f35b.0
EC-ACC.pem
TDC_Internet_Root_CA.pem
3ad48a91.0 8317b10c.0 Buypass_Class_2_CA_1.pem
ed524cf5.0
TeliaSonera_Root_CA_v1.pem
3b2716e5.0 8470719d.0 Buypass_Class_2_Root_CA.pem
ed62f4e3.0
Thawte_Premium_Server_CA.pem
3bde41ac.0 84cba82f.0 Buypass_Class_3_CA_1.pem
ee1365c0.0
thawte_Primary_Root_CA_-_G2.pem
3c58f906.0 85cde254.0 Buypass_Class_3_Root_CA.pem
ee64a828.0
thawte_Primary_Root_CA_-_G3.pem
3c860d51.0 861a399d.0 c01cdfa2.0
ee7cd6fb.0
thawte_Primary_Root_CA.pem
3c9a4d3b.0 861e0100.0 c089bbbd.0
ee90b008.0
Thawte_Server_CA.pem
3d441de8.0 86212b19.0 c0ff1f52.0
EE_Certification_Centre_Root_CA.pem
Trustis_FPS_Root_CA.pem
3e45d192.0 876f1e28.0 c19d42c7.0
eed8c118.0
T-TeleSec_GlobalRoot_Class_2.pem
3e7271e8.0 87753b0d.0 c215bc69.0
ef2f636c.0
T-TeleSec_GlobalRoot_Class_3.pem
3ee7e181.0 882de061.0 c28a8a30.0
E-Guven_Kok_Elektronik_Sertifika_Hizmet_Saglayicisi.pem
TÃBÄ°TAK_UEKAE_Kök_Sertifika_Hizmet_SaÄlayıcısı_-_Sürüm_3.pem
3efd4dc0.0 8867006a.0 c33a80d4.0
Entrust.net_Premium_2048_Secure_Server_CA.pem
TURKTRUST_Certificate_Services_Provider_Root_1.pem
40547a79.0 88f89ea7.0 c3a6a9ad.0
Entrust.net_Secure_Server_CA.pem
TURKTRUST_Certificate_Services_Provider_Root_2007.pem
408e388a.0 895cad1a.0 c47d9980.0
Entrust_Root_Certification_Authority.pem
TURKTRUST_Certificate_Services_Provider_Root_2.pem
40dc992e.0 89c02a45.0 c51c224c.0
ePKI_Root_Certification_Authority.pem
TWCA_Global_Root_CA.pem
415660c1.0 8b59b1ad.0 c527e4ab.0
Equifax_Secure_CA.pem
TWCA_Root_Certification_Authority.pem
415660c1.1 8c24b137.0 c5d3212a.0
Equifax_Secure_eBusiness_CA_1.pem
UTN_DATACorp_SGC_Root_CA.pem
4169b3a8.0 8d86cdd1.0 c5e082db.0
Equifax_Secure_Global_eBusiness_CA.pem
UTN_USERFirst_Email_Root_CA.pem
418595b9.0 8e52d3cd.0 c692a373.0
E-Tugra_Certification_Authority.pem
UTN_USERFirst_Hardware_Root_CA.pem
4304c5e5.0 9007ae68.0 c7e2a638.0
f060240e.0
ValiCert_Class_1_VA.pem
442adcac.0 91739615.0 c8763593.0
f081611a.0
ValiCert_Class_2_VA.pem
450c6e38.0 930ac5d2.0 c8841d13.0
f3377b1b.0
Verisign_Class_1_Public_Primary_Certification_Authority_-_G2.pem
46b2fd3b.0 9339512a.0 c99398f3.0
f387163d.0
Verisign_Class_1_Public_Primary_Certification_Authority_-_G3.pem
480720ec.0 93bc0acc.0 c9f83a1c.0
f39fc864.0
Verisign_Class_1_Public_Primary_Certification_Authority.pem
48a195d8.0 9576d26b.0 ca6e4ad9.0
f4996e82.0
Verisign_Class_2_Public_Primary_Certification_Authority_-_G2.pem
48bec511.0 95aff9e3.0 cacert.org.pem
f559733c.0
Verisign_Class_2_Public_Primary_Certification_Authority_-_G3.pem
4a6481c9.0 9685a493.0 CA_Disig.pem
f58a60fe.0
Verisign_Class_3_Public_Primary_Certification_Authority_2.pem
4bfab552.0 9772ca32.0 CA_Disig_Root_R1.pem
f61bff45.0
Verisign_Class_3_Public_Primary_Certification_Authority_-_G2.pem
4d654d1d.0 988a38cb.0 CA_Disig_Root_R2.pem
f80cc7f6.0
Verisign_Class_3_Public_Primary_Certification_Authority_-_G3.pem
4e18c148.0 98ec67f0.0 Camerfirma_Chambers_of_Commerce_Root.pem
f90208f7.0
VeriSign_Class_3_Public_Primary_Certification_Authority_-_G4.pem
4f316efb.0 99d0fa06.0 Camerfirma_Global_Chambersign_Root.pem
fac084d7.0
VeriSign_Class_3_Public_Primary_Certification_Authority_-_G5.pem
4fbd6bfa.0 9ab62355.0 ca.pem
facacbc6.0
Verisign_Class_3_Public_Primary_Certification_Authority.pem
5021a0a2.0 9af9f759.0 cb156124.0
fb126c6d.0
Verisign_Class_4_Public_Primary_Certification_Authority_-_G3.pem
5046c355.0 9b353c9a.0 cb357862.0
fcac10e3.0
VeriSign_Universal_Root_Certification_Authority.pem
524d9b43.0 9c2e7d30.0 cb59f961.0
fde84897.0
Visa_eCommerce_Root.pem
5273a94c.0 9c472bf7.0 cbeee9e2.0
ff588423.0
WellsSecure_Public_Root_Certificate_Authority.pem
5443e9e3.0 9c8dfbd4.0 cbf06781.0
ff783690.0
XRamp_Global_CA_Root.pem
54657681.0 9d520b32.0 cc450945.0
GeoTrust_Global_CA_2.pem
