I use Apple Mail for my emails, on a MacBook Pro running Lion 10.7.5.
In my Mail client, I have two email accounts configured. One (we'll call this the Signed Account) has a signing certificate purchased from Verisign; the other (the Unsigned Account) does not. I would like to be able to sign — and, where appropriate, encrypt — emails I send from the former account, but not the latter, by default.
Which would be the normal behaviour for Mail, I'm given to understand. Except that I have a second signing certificate on my computer. (I have several, in fact, but only the two I mention are important.) This second certificate was obtained from an academic grid signing authority for the purposes of connecting as an administrator to particular web databases. It's not intended to be used for email.
But Mail tries to use it nonetheless. Specifically, because the certificate uses the email address of the Unsigned Account (for contact details?), the Mail program thinks it's good for signing emails sent from that account.
The only way I've been able to disable that function (and, thus, avoid the big, ugly banner that says, "Unable to verify message signature.") is by turning off signing altogether (checking the seal button in the Compose window). This affects the other account — the Signed Account — as well.
I tried to set the "Secure Mail (S/MIME)" setting to Never Trust in the Keychain settings for that particular certificate, but it doesn't seem to have changed anything in this regard.
Is there a way of "permanently" disabling signing (but only if using the Unsigned Account), while keeping signing in place for the Signed Account? This could be in Mail itself, in Keychain Access, or in some other place.