Problem installing digital id certificate / encryption

A

Allen

I downloaded a digital id certificate from Verisign, and when I did, it was
automatically installed in both Keychain and the Microsoft Cert Manager. But
when I try to send a signed or encrypted message from Entourage 2004, I get
an error that says "You must first install a valid signing certificate
before you can send a digitally signed message. Do you want to send this
message without a digital signature?"

There is also a link to the Help topic "About digitally signed and encrypted
messages," but no details there. The topic "Import a certificate or digital
ID" covers importing non-root certificates, but when I opened Cert Manager,
my id was already present. I followed the directions nonetheless, but no
help.

I also followed the install root certificate instructions in the topic
"Install root certificates," (for OS X 10.3 - I have 10.3.4) but step 3 says
to click X509 Anchors, which does not appear in my Add Certificates dialog
box.

So, stumped. Any help?

Allen
 
E

Eric Kwang

Allen said:
I downloaded a digital id certificate from Verisign, and when I did, it was
automatically installed in both Keychain and the Microsoft Cert Manager. But
when I try to send a signed or encrypted message from Entourage 2004, I get
an error that says "You must first install a valid signing certificate
before you can send a digitally signed message. Do you want to send this
message without a digital signature?"

There is also a link to the Help topic "About digitally signed and encrypted
messages," but no details there. The topic "Import a certificate or digital
ID" covers importing non-root certificates, but when I opened Cert Manager,
my id was already present. I followed the directions nonetheless, but no
help.

I also followed the install root certificate instructions in the topic
"Install root certificates," (for OS X 10.3 - I have 10.3.4) but step 3 says
to click X509 Anchors, which does not appear in my Add Certificates dialog
box.

So, stumped. Any help?

Allen
Click to expand...

Hi Allen,

I myself am stumped on the root cert issue, but for personal digital
ID;s, you don't want to forget that aside from installing it in the MS
Cert Mgr, you need to assign it to the account in question via the
Security tab in the account settings tab too.

Hope this helps.

Eric
 
C

Chris Ridd

I downloaded a digital id certificate from Verisign, and when I did, it was
automatically installed in both Keychain and the Microsoft Cert Manager. But
when I try to send a signed or encrypted message from Entourage 2004, I get
an error that says "You must first install a valid signing certificate
before you can send a digitally signed message. Do you want to send this
message without a digital signature?"

There is also a link to the Help topic "About digitally signed and encrypted
messages," but no details there. The topic "Import a certificate or digital
ID" covers importing non-root certificates, but when I opened Cert Manager,
my id was already present. I followed the directions nonetheless, but no
help.

I also followed the install root certificate instructions in the topic
"Install root certificates," (for OS X 10.3 - I have 10.3.4) but step 3 says
to click X509 Anchors, which does not appear in my Add Certificates dialog
box.
Click to expand...

X509Anchors (no space) is a file inside the /System/Library/Keychains
directory. It is write protected and in a write protected folder, but if you
make them writable you can add (and delete) certs in that keychain.

Cheers,

Chris
 
P

Paul Berkowitz

X509Anchors (no space) is a file inside the /System/Library/Keychains
directory. It is write protected and in a write protected folder, but if you
make them writable you can add (and delete) certs in that keychain.
Click to expand...

That's not how to do it. First of all, your Mac already has a Verisign root
certificate - you shouldn't need to add one, and the digital id cert you got
from Verisign is not a root certificate anyway. Perhaps that's why X509 did
not show up : if you ever have one, X509 Anchors shows up at the bottom of
the popup menu in "Add Certificates" dialog when you drag the cert to the
Keychain Access icon. (The popup menu displays the top item 'login' by
default.)

If you imported the cert with the Microsoft Cert Manager OK, you're in
business. (You can't even do that with root certs, so this shows it's not a
root, but a personal cert.)

The Help topic - for some reason - does not direct you after "Import a
certificate or digital ID" on what to do next. But if you originally entered
"certificates" or "digital ID" in the Search box, you should also see links
to "POP mail account options", "IMAP mail account options", "Exchange mail
account options". When you click the appropriate one(s), you'll see
"Security tab". Basically, you click "Select" button and select the cert you
want to use (even if there's only one installed by MS Cert Mgr) - you'll see
only your MS-installed cert(s).

After you select it, you can then choose to digitally sign by default if you
wish for that account. (Some mailing lists don't accept them if they don't
accept attachments, by the way.) Or you can just choose to digitally sign
manually via the Option/Security toolbar button or Message menu item. Even
then, any reply you make to someone who digitally signed to you will also do
so automatically.

--
Paul Berkowitz
MVP Entourage
Entourage FAQ Page: <http://www.entourage.mvps.org/faq/index.html>
AppleScripts for Entourage: <http://macscripter.net/scriptbuilders/>

Please "Reply To Newsgroup" to reply to this message. Emails will be
ignored.

PLEASE always state which version of Entourage you are using - **2004**, X
or 2001. It's often impossible to answer your questions otherwise.
 
W

Walt Basil

I downloaded a digital id certificate from Verisign, and when I did, it was
automatically installed in both Keychain and the Microsoft Cert Manager. But
when I try to send a signed or encrypted message from Entourage 2004, I get
an error that says "You must first install a valid signing certificate
before you can send a digitally signed message. Do you want to send this
message without a digital signature?"

There is also a link to the Help topic "About digitally signed and encrypted
messages," but no details there. The topic "Import a certificate or digital
ID" covers importing non-root certificates, but when I opened Cert Manager,
my id was already present. I followed the directions nonetheless, but no
help.

I also followed the install root certificate instructions in the topic
"Install root certificates," (for OS X 10.3 - I have 10.3.4) but step 3 says
to click X509 Anchors, which does not appear in my Add Certificates dialog
box.

So, stumped. Any help?

Allen
Click to expand...

See my help page:
<http://www.basilweb.net/macoffice/digid1.html>

--
Walt Basil
www.basilweb.net

My Office site:
<http://www.basilweb.net/macoffice/office.html>

You can email me at (firstname)AT(lastname)web.net
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

I'm still unable to use certificates with Entourage 1
Certificate warning problem 5
Unstoppable root certificate error 4
Entourage not recognizing valid certificate from Keychain 5
Root certificate problem 1
Windows Mail + Encryption 0
Certificate Problems 7
Digital Signing of Entourage and Microsoft Certificates 3

Top