Martijn, you wrote: "Since you have the private key and the key can be used for signing you can select the key for signing."
How can I select the key for signing ? If I want to select signing certificate for this user in Djigzo it tells me "There are no matching certificates" To check if the end-user certificate holds private keys I've tried to download the private keys from the certficate and a PFX file is created. Best regards, Perry ------------------------------ Message: 4 Date: Thu, 26 Apr 2012 11:19:55 +0200 (CEST) From: Perry Peeters <[email protected]> Subject: [Djigzo users] assigning certficates To: [email protected] Message-ID: <9fa63a44-893a-4410-9c6e-7fb2f74374f4@deolinux1> Content-Type: text/plain; charset=utf-8 We want our Djigzo to PDF encrypt and S/MIME sign using a Comodo Secure Email certificate for a specific user (originator). The Key Usage of the certificate shows: "keyEncipherment, digitalSignature". Unfortunately the certificate for this user shows up in Djigzo as encryption certificate not as signing certificate and I can't unassign / reassign. Also I can't assign the certificate as signing certficate. Because of this setup emails are S/MIME encrypted not signed, not what I want. Is there a solution ? ------------------------------ Message: 5 Date: Thu, 26 Apr 2012 11:31:41 +0200 From: Martijn Brinkers <[email protected]> Subject: Re: [Djigzo users] assigning certficates To: [email protected] Message-ID: <[email protected]> Content-Type: text/plain; charset=ISO-8859-1; format=flowed On 04/26/2012 11:19 AM, Perry Peeters wrote: > We want our Djigzo to PDF encrypt and S/MIME sign using a Comodo Secure Email > certificate > for a specific user (originator). > The Key Usage of the certificate shows: "keyEncipherment, digitalSignature". > Unfortunately the certificate for this user shows up in Djigzo as encryption > certificate not as signing certificate > and I can't unassign / reassign. > Also I can't assign the certificate as signing certficate. > Because of this setup emails are S/MIME encrypted not signed, not what I want. > Is there a solution ? A key can be used as a signing key if you have the private key and if the key usage allows the key to be used for signing. A (public) key can be used for encryption if the key usage allows encryption. Since you have the private key and the key can be used for signing you can select the key for signing. Whether or not you can select it as an encryption key does not matter. First make sure that your email will be correctly signed. This can be done by deselecting "Only sign when encrypt". Once you know that your outgoing email will be correctly signed, you can enable signing of the PDF encrypted email by selecting the PDF advanced option "Sign email". Kind regards, Martijn Brinkers _______________________________________________ Users mailing list [email protected] http://lists.djigzo.com/lists/listinfo/users
