I am not able to sign my outgoing Mails. After I imported the certificate I am able to select it to ENCRYPT messages but It does not show up when I try to select a certificate for SIGNING the messages. Reproducible: Always Steps to Reproduce: 1. open KMail 2. Import your certificate (used Kleopatra) 3. go to KMail (Kontact) settings, Identities, Edit, Cryptography 4. select a certificate for encryption: WORKS 5. try to select a certificate for singing: DOES NOT WORK (does not show any certificate) Actual Results: there was no certificate showing up Expected Results: I should be able to select the same certficate for signing the message After installing Kubuntu there was an error message that there was no crypto application installed so I installed Kleopatra and imported my mail certificates from there I am using the free Comodo Mail Service
Exact same problem with a totally different system: gentoo linux, kde 4.12.5 using S/MIME. I have an x509 certificate released by CN=Deutsche Telekom Root CA 2,OU=T-TeleSec Trust Center,O=Deutsche Telekom AG,C=DE and it is trusted in Kleopatra. The main purpose of this certificate is email signing: X509v3 extensions: X509v3 Certificate Policies: Policy: 1.3.6.1.4.1.22177.300.1.1.4.3.1 Policy: 1.3.6.1.4.1.22177.300.2.1.4.3.1 X509v3 Basic Constraints: CA:FALSE X509v3 Key Usage: Digital Signature, Non Repudiation, Key Encipherment X509v3 Extended Key Usage: TLS Web Client Authentication, E-mail Protection X509v3 Subject Key Identifier: 42:52:05:06:6B:6E:A0:B9:59:CB:CA:2A:A0:EB:62:8C:BC:2E:63:A3 X509v3 Authority Key Identifier: keyid:B0:C1:BB:68:35:7F:E2:D6:41:9C:1A:71:AF:E0:FC:41:34:CD:C3:A8 X509v3 Subject Alternative Name: email:<hidden> X509v3 CRL Distribution Points: Full Name: URI:http://cdp1.pca.dfn.de/classic-unitue-ca/pub/crl/g_cacrl.crl Full Name: URI:http://cdp2.pca.dfn.de/classic-unitue-ca/pub/crl/g_cacrl.crl Authority Information Access: CA Issuers - URI:http://cdp1.pca.dfn.de/classic-unitue-ca/pub/cacert/g_cacert.crt CA Issuers - URI:http://cdp2.pca.dfn.de/classic-unitue-ca/pub/cacert/g_cacert.crt
Maybe I found the source of the problem. gpg-agent is not running. Configuring KDE to automatically start the agent during startup fixed the issue. For more details see comment 8 of bug #324424 . If this is the case kmail should complain about missing gpg-agent when opening the dialog to select the S/MIME certificate
This bug has only been reported for versions before 4.14, which have been unsupported for at least two years now. Can anyone tell if this bug still present? If noone confirms this bug for a Framework-based version of kmail2 (version 5.0 or later, as part of KDE Applications 15.12 or later), it gets closed in about three months.
Just as announced in my last comment, I close this bug. If you encounter it again in a recent version (at least 5.0 aka 15.08), please open a new one unless it already exists. Thank you for all your input.