Re: encrypt to s/mime user ???
On Sat, Jan 10, 2004 at 11:30:26AM -0600, Michael D Schleif wrote:
> Kevin Geiss <kevin@xxxxxxxxxxxxx> [2004:01:09:22:31:51-0700] scribed:
> > first, start out with this:
> >
> > http://www.ezitrust.com/guides/mutt.pdf
[...]
> Thank you, for this URL.
>
> I am stuck at _Get a copy of your own personal key & associated cert_,
> where the example is *only* for Internet Exploder ;<
>
> Anyway, I went to Thawte <http://thawte.com> to get their _free_ email
> certificate. However, using Mozilla under Debian, the certificate is
> now sucked into Mozilla, and I do not know how to get it out and use it
> in mutt, as per your URL's subsequent instructions.
>
> Also, as per my original post, how do I manage other people's
> certificates like I do with gpg/pgp and keyrings?
If you look in mutt's source tree, there is a file
doc/smime-notes.txt. It describes all steps necessary to configure
S/MIME support in mutt.
mutt comes with a Perl script that is installed as smime_keys. (At
least, mutt's CVS version does.) This program manages your keys and
certificates. In particular,
smime_keys add_root <root_certificate>
adds the root certificate of a CA (e.g., Thawte) to the set of your
trusted certificates. Note that the certificate has to be in PEM
format; you may need to convert it first. (Cf. the x509 man page.)
You import your own keypair with
smime_keys add_p12 <transport_file>
where your key and certificate are stored in the password protected
PKCS#12 transport file. (If you don't have the file from Thawte
anymore then you can export the keypair from Mozilla.)
And finally, if you receive a signed message with the sender's
certificate enclosed then ^K in the index view will extract the
certificate and put it into your keystore.
HTH
Christoph
--
http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/cludwig.html
LiDIA: http://www.informatik.tu-darmstadt.de/TI/LiDIA/Welcome.html