[rt-users] All Incoming SMIME Signed Messages Showing as No Trust

Zoey Schutt zoey at braincoral.io
Fri Jul 24 15:35:26 EDT 2015

Thank you for the reply! I'll send you the signed email from my other email
address, as I don't have my personal certificate on the computer I am
currently using. It's issued by the same CA as my other ones.

All of my SSL certificates are from StartSSL, Class 2 Verified. Then I just
ran the X.506 binary through openssl and converted them to PEM files. Those
are outgoing of course, my incoming emails that I have been using to test so
far are sent via Outlook 2013.

I will send you the CA's PEM file and a signed message from my other address
as well, off-list.

Extra Version Info:

OpenSSL 1.0.1e 11 Feb 2013
perl 5, version 14, subversion 2 (v5.14.2) built for


Zoey Schutt

-----Original Message-----
From: rt-users [mailto:rt-users-bounces at lists.bestpractical.com] On Behalf
Of Alex Vandiver
Sent: Friday, July 24, 2015 2:20 AM
To: rt-users at lists.bestpractical.com
Subject: Re: [rt-users] All Incoming SMIME Signed Messages Showing as No

On Thu, 16 Jul 2015 15:52:34 -0400 "Zoey Schutt" <zoey at braincoral.io>
> OS and RT4 Info:
> Debian GNU/Linux 7 (wheezy)
> Apache/2.2.22 (Debian)
> PHP 5.5.26-1~dotdeb+7.4
> Request Tracker 4.2.11

As a note, RT is written in Perl, not PHP.  The other useful version to know
is the version of openssl, which you can find by running:

   openssl version

> I am attempting to configure S/MIME support in my RT4 instance, and I 
> have every piece working other than the verification of signatures on 
> incoming email.

What software is generating your certificates, and sending the incoming
mail?  I suspect your certificates are weird in a way that is throwing
openssl off.

Can you send me a simple S/MIME signed message and your CA's PEM file,
off-list, so I can inspect it?

 - Alex

More information about the rt-users mailing list