I created own CA to sign SMIME certs for email encoding. Next I generated several certificates for particular users. Below script for generating such certs:
Code:
openssl genrsa -des3 -out humble_coder.key 4096
openssl req -new -key humble_coder.key -out humble_coder.csr
openssl x509 -req -days 3650 -in humble_coder.csr -CA ca.crt -CAkey ca.key -set_serial 1 -out humble_coder.crt -setalias "Certyfikat wydany przez EPI" -addtrust emailProtection -addreject clientAuth -addreject serverAuth -trustout
openssl pkcs12 -export -in humble_coder.crt -inkey humble_coder.key -out humble_coder.p12
The problem is that nor signed and encrypted emails are not properly recognized/decrypted by recipients, using Thunderbird. Of course recipient has CA certificate installed. Looking to Thunderbird certificate set, it is not possible to find imported public key of sender. As far as I know it should be done automatically.
What is wrong? Any idea?
Importing certs to Android R2Mail2 works properly.