Re: [Fed-Talk] Re: Safari prompting for Cert selection
Re: [Fed-Talk] Re: Safari prompting for Cert selection
- Subject: Re: [Fed-Talk] Re: Safari prompting for Cert selection
- From: Timothy J Miller <email@hidden>
- Date: Tue, 8 Jul 2008 16:49:49 -0500
On Jul 8, 2008, at 2:08 PM, Niles, John B YD03 RET USAMC wrote:
With the update to 10.5.4, my CAC is now recognized by my SCR331
reader and the card shows up in my keychain. My ability to
digitally sign emails in MacMail has also been restored. However, I
cannot send nor receive encrypted messages.
*Receiving* encrypted email only breaks if you don't have the right
private key; this usually happens when you get a new card and forget
to publish them to the GAL, but it can also happen when GAL
replication breaks down. What's happening is people are sending you
mail encrypted with your *old* keys. Two things you can do:
1) Get on Outlook somewhere and publish your new certs to the GAL.
2) Recover your old encryption key in software form.
For (2) consult your local admin or PKI support office.
*Sending* encrypted email generally only breaks if there's an email
address mismatch between what's in the cert and the email address on
the To/CC/BCC line. These *must* match *including upper/lower case*
for the username part in Apple Mail. Note that the email address in
*your* cert must match your configured email address as well.
You can fix yours but if the problem is one of the other recipients
you're going to be SOL.
-- Tim
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden