I’m playing around with RT 4.4.3 Crypt and SMIME functions.
Unfortunately, I’m not able to configure RT to verify signed emails as “trusted”:
The signature is good, signed by , trust is none.
The development machine does not possess SMIME certificates but recognizes the signatures as “good” although all test emails are successfully signed by
Further, I copied the whole CA chain into a PEM file and tried to pin it directly; still, I got only “trust is none”. Do I forget something?
I would assume RT/openssl would be able to “find” the valid CA certificate. I’m using Debian Buster.
That the important config:
Set(%Crypt, ‘Incoming’ => [‘SMIME’] );
‘Enable’ => 1,
‘AcceptUntrustedCAs’ => 1,
‘CAPath’ => ‘/etc/ssl/certs/’,
‘Keyring’ => ‘/opt/rt4/var/smime’
/opt/rt4/var/smime is an empty directory.