View Issue Details
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0004634||SOGo||with SOGo||public||2019-01-09 04:28||2020-10-14 02:29|
|Summary||0004634: SOGo does not correctly import S/MIME certificates|
I added a certificate to SOGo and whenever I am sending a mail it says "No error information available" (See attached picture).
However, when I am sending a mail by using my android app (Nine) with the same email address and certificate installed it says "Message is signed".
So it looks like SOGo has some troubles correctly importing .p12 certificates.
Thanks in advance for you help.
Any updates on this?
What does the certificate management interface says about your imported cert from SOGo web?
When importing a cert, SOGo apparently correctly imports it.
However, when sending a mail with the according cert, the signature of the sent message is invalid (see attached picture) and if one would enrypt the message, the receiver is unable to decrypt it.
Oddly, the same cert works just fine when imported into Nine on Android and sent mails from there have a valid signature and working encryption (see also attached picture)
Same issue as @lekron here ... Works perfectly with other programs (eg. thunderbird) but not in SOGo... :-(
Outlook error text:
Not related to the main topic of this ticket (certificate error when sending mail) but to the two previous posts (signatures broken in Outlook):
This affects MIME messages only. Pure text mails are ok.
According to RFC2046 (https://tools.ietf.org/html/rfc2046#section-5.1.1) a MIME message ends with the close delimiter (MIME boundary + "--" and optional whitespaces). A following newline and any text after it is the epilogue which is to be ignored or outright discarded.
OpenSSL signes everything you pass to it (including the epilogue) and also includes the epilogue when verifying a signature. Outlook on the other hand ignores the epilogue when verifying a signature (which sounds more standards compliant to me).
SOPE appends a CRLF to the close delimiter of MIME mails, i.e. an epilogue consisting of just "CRLF". This results in Outlook reporting broken signatures for SOGo signed MIME mails.
SOPE-no_epilogue.patch (411 bytes)
--- sope-mime/NGMime/NGMimeMultipartBodyGenerator.m.orig 2019-12-17 20:34:06.000000000 +0000 +++ sope-mime/NGMime/NGMimeMultipartBodyGenerator.m 2020-09-25 18:50:50.850010659 +0000 @@ -206,7 +206,7 @@ } [data appendBytes:"--" length:2]; [data appendBytes:[_boundary cString] length:[_boundary length]]; - [data appendBytes:"--\r\n" length:4]; + [data appendBytes:"--" length:2]; return data; }
SOPE-no_epilogue.patch (411 bytes)
How can I use these patch file?
You would have to compile SOPE yourself from the sources.
Btw.: Do you also get the "no error information available" message when sending a mail (the original topic of this ticket) or do you just suffer from the broken signatures in Outlook?
Okay thanks. Than I will wait that it's hopefully fixed in the next versions of sogo.
@ schmirl I have added your patch, thanks!
@lekron: Regarding the "No error information available" error message: does this error still show up and which version of SOGo are you running ATM?
|2019-01-09 04:28||lekron||New Issue|
|2019-01-09 04:28||lekron||File Added: smime_bug.png|
|2019-07-30 03:36||lekron||Note Added: 0013682|
|2019-07-30 08:56||ludovic||Note Added: 0013684|
|2019-08-07 08:59||lekron||Note Added: 0013698|
|2019-08-07 09:00||lekron||File Added: sogo_smime.png|
|2019-08-07 09:02||lekron||Note Edited: 0013698||View Revisions|
|2020-09-23 06:31||tik2707||Note Added: 0014814|
|2020-09-23 06:31||tik2707||File Added: 2020-09-23 12_29_33-Test von Sogo - signiert [signed OK] - Nachricht (HTML).png|
|2020-09-23 06:32||tik2707||Tag Attached: S/MIME|
|2020-09-28 03:44||schmirl||Note Added: 0014855|
|2020-09-28 03:44||schmirl||File Added: SOPE-no_epilogue.patch|
|2020-10-12 10:19||tik2707||Note Added: 0014882|
|2020-10-12 10:53||schmirl||Note Added: 0014883|
|2020-10-12 11:16||tik2707||Note Added: 0014884|
|2020-10-13 10:05||ludovic||Note Added: 0014885|
|2020-10-14 02:29||schmirl||Note Added: 0014886|