Red Hat Bugzilla – Bug 449721
evolution problems signing (not encrypting) with SSL cert
Last modified: 2008-06-03 09:57:17 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:220.127.116.11) Gecko/20080416 Fedora/18.104.22.168-1.fc8 Firefox/22.214.171.124
Description of problem:
I recently upgraded from Fedora 8 to Fedora 9 and evolution started complaining when trying to send signed mail. I get a dialog stating this:
'Could not create message.
Because "Cannot add SMIMEEncKeyPrefs attribute", you may need to select different mail options.'
This is a transplanted configuration by using the 'Backup Settings' tool in Evolution on Fedora 8.
The mail will send if I disable S/MIME Sign and do an S/MIME Encrypt.
I went so far as to build a clean Evolution profile and reimported my certificate to the exact same results.
A side note, encrypted messages that setup to be include self as an encryptee can not be read.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Acquire SSL signing certificate (I'm using a free one from Thawte)
2. Import SSL certificate
3. Add certificate to email account for signing and encrypting
4. Verify that 'Digitally sign outging messages (by default)' and 'Also encrypt to self when sending encrypted mail' are selected in the Security setup.
5. Generate a mail and try sending (make sure Security->S/MIME Sign is selected)
6. See annoying dialog box
7. For testing Encryption (only) unselect Security->S/MIME Sign and select Security->S/MIME Encrypt
8. Notice mail is sent
9. Check sent mail and try reading message and see 'Decoder failed, error -8147'
Phase 1 (up to step 6) I see an error dialog telling me that Evolution "Cannot add SMIMEEncKeyPrefs attribute".
Step 7 - 9 I get a mail generated but am unable to read the message that was supposed to be self encrypted back to me in the Sent folder.
Mail should have been sent signed and / or encrypted with the ability to decrypt the sent mail.
Just an update. As I was doing my encryption testing to my account at work
which is currently checked from a Fedora 7 (evolution-2.10.3-9) system. The
encryption worked just fine (as in I can decrypt the message) however, as
stated, the mail couldn't be signed so the receiving end states that it can't
guarantee authenticity since it isn't signed.
Do you see any error messages on the console when trying this in F9? I'm not
sure whether these are shown on the evolution's or evolution-data-server's
console, though. (To run evolution-data-server on its own console, you should
close evolution and run command "evolution --force-shutdown" first, because
there cannot run more than one eds instance at the moment).
You might also try this:
Yes, that was the problem all along. I find it frustrating that the error isn't
clear enough to tell you what the real problem is.
Thank you for the help. Google hadn't turned that one up during all my
searching yesterday, guess I hadn't found the right search string.
I imagine Evolution is just echoing back whatever error message the underlying
encryption tool gave. But yes, point taken about it not being very helpful.
I'll close this as NOTABUG, then. The usability aspects will have to be dealt