Re: Can't store colleague's S/MIME certificate
On Sun, Oct 12, 2003 at 05:38:16PM -0400, William L. Anderson wrote:
> When I try to store my colleagues certificate I get a prompt asking
> for a label, and then when I enter one I get the following message
>
> ~/.smime/certificates/123abcde.0 is already installed.
^^^^^^^^^^
Is this really the file name shown in the error message? It looks
like a dummy name to me.
> This is the same cert that is installed when I use smime_keys to add
> my own PKCS12 certificate. I think I'm missing something here. When I
> use other mail tools (e.g., Thunderbird Enigmail and Mozilla) there
> is never any collision. My colleagues certificate is completely
> separate from mine. When I look at the text outputs they certainly
> appear different.
>
> I've already removed my cert; installed my colleague's; and then
> tried to add my cert again and it seems to produce a certificate with
> the exact same name.
>
> Mutt 1.5.4i built on Mac OS X. Any help greatly appreciated.
Unless you cheanged smime_get_cert_command and
smime_get_signer_cert_command I don't see what could be wrong. The
certificate's hash is determined in smime_keys by a call to openssl.
To find the problem's cause I'd do the following:
1) Extract the certificate manually. Store your colleague's mail in
a seperate file and run the command for extracting the
certificate defined in .muttrc on the command line. (If the mail
is stored in mbox format, you may have to delete the first
lines. OpenSSL does not like the leading "From" line, IIRC.)
2) If the extracted certificate looks ok, I'd run smime_keys
in a perl debugger ("perl -d smime_keys add_cert"). Search for a
line
my $cmd = "$opensslbin x509 -noout -hash -in $ARGV[1] -inform $format";
and put a breakpoint there. If you inspect the value of
$cert_hash assigned in the following line you should be able to
tell what's going on.
HTH
Christoph
--
http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/cludwig.html
LiDIA: http://www.informatik.tu-darmstadt.de/TI/LiDIA/Welcome.html