[Alpine-info] Thawte FreeMail and S/MIME

[Dan Mahoney, System Admin]

All,

The good news: I have retrieved a Thawte Freemail certificate, and have 
imported the FreeMail CA root into alpine.  Receipt of a signed message 
now works, and verifies.

The bad news: Sending is a LOT harder and I haven't figured it out quite 
yet.

Also, a major annoyance is that Thawte's policy for generating 
certificates seems to be strongly tied to using automatic (and 
browser-specific) csr generation methods, so the procedure is basically to 
request a cert using the appropriate browser, then export the cert.

There's a developer-only compatibility test that MAY allow you to generate 
a cert but it's surrounded by a whole lot of "danger will robinson".

Worse still -- it seems Thawte's email certificates come with an 
intermediate cert.

Alpine's directions aren't exactly clear on what to do.  They say you 
should only have one private key (most likely, although I assume if I'm 
using roles I might have more).

Does this also mean I should have an entry for my e-mail address in my 
"public" folder?

I've tried putting these into my "public" directory, and the cert in 
private, with the correct ".key" suffix.

I've also tried stripping the private key down to just my personal cert, 
and private key.

None work so far.

Any ideas?

If there's anything I can do to help debug this, let me know.

-Dan

-- 

"Long live little fat girls!"

-Recent Taco Bell Ad Slogan, Literally Translated.  (Viva Gorditas)

--------Dan Mahoney--------
Techie,  Sysadmin,  WebGeek
Gushi on efnet/undernet IRC
ICQ: 13735144   AIM: LarpGM
Site:  http://www.gushi.org
---------------------------