Digital signature and certificates on Mail

Altemir ... It's important that the certificate has been created for the e-mail address you want to use as sender e-mail. Your certificate needs to be imported into keychain. Keychain only accepts certificates in a number of formats, among them .p12. You can import in a number of ways, you can for example drop your .p12 file (the certificate) on the keychain icon. Then open keychain and check whether the certificate is visible under "my certificates". It has to appear there and it has to show as "valid" and not as "expired". Control-click on the certificate and set-up a new preferred identity for your e-mail address (I am not sure whether this step actually does any difference but give it a try). Close mail.app and restart mail.app. When you now create a new e-mail and you choose as sender e-mail the e-mail address for which you have the certificate then you should see on the right side, just below the subject line a little symbol which you can click on for activating the signature for the e-mail your writing. Hope all this works.

Thanks Valentin - I had the same problem and your explanation was spot-on 🙂

Cheers
MIchael

I've just spent quite a bit of time trying to figure out why Mac Mail wouldn't display encryption options using my certificate, which is valid and not expired, in my Keychain. I just realized that it has to do with my email address: my actual address is much longer than my mail alias, which I like to use as my outgoing address since it's easier to remember. I used my real address, and not the alias, when requesting the certificate, and I assume this is why Mail won't accept it. But I don't see any errors when starting Mail, nor do I see anything in the console.

Is there a way to get Mail to use my certificate with my aliased address? I don't even think Mail provides an option to supply a different reply-to email addresses for an account (except when composing or replying to a message).

So I went through the trouble of re-applying fo rmy certificate, so that now the email addresses match and Keychain calls the cert "valid", so Mail recognizes the cert and attempts to sign messages with it. Now, when I try to send a message with a signature, I get "Operation could not be completed (MFMessageErrorDomain error 1035.)". I've read that deleting your existing mail password from your Keychain and then re-adding it should solve this problem, but it doesn't. I've tried deleting the password, the cert and key, re-importing the cert, and letting Mail add the password back to the Keychain, but the error remains.

Is there anything else I can try, aside from deleting the entire Keychain and starting from scratch (which would be quite painful)?

Greetings,

if I download the Thawte freemail certificate it is places in »certificates« and not in »my certificates«. So what did i wrong or how to move the cetificate to »my certificates«?

Kind regards from Germany!

Hallo form one - I too have a Thawte certificate under "Certificates" and not "My Certificates". All I seem to have in "My Certificates" are private keys. As all is working fine for I don't care where it's stored but I have to admit that I don't quite see the logic of the filing in Keychain Access.

Grüsse und Servus
Michael

+As I see right now the certificates must be in this »my certificates« folder. On another Mac I have one certificate in this folder and it works fine. But now I dont know how I get it there.+

.

Also so wie es sich bisher darstellt, funktioniert das mit Apple Mail nur dann, wenn das Zertifikat im »Meine Zertifikate« Ordner liegt. Ich habe noch einen zweiten Rechner bei dem liegt in diesem besagten Ordner das Zertifikat und es geht einwandfrei. Alle Zertifikate anderer E-Mail-Adressen die nicht in diesem Ordner liegen funktionieren nicht.

I have a smart card with my certificates issued by an Italian service that I use to access the electronic trial system and sign documents. The software has been created in collaboration with Apple Italy and it works with safari. It doesn't work with mail; the keychain is present but mail doesn't recognize it. After reading your posts and watching an Apple seminar I have a simple question: should I have a specific certificate to sign mails? different from the certificate I use to sign documents? My card contains two private keys and two certificates, but in the Apple video the teacher was using an email private key. Should I obtain a similar certificate?
Thank you
Ivan