did anybody have any luck with the certificate manager in Tiger?
Yes it is easy to creat a certificate, but how to get mail to sign a email with it?
The Certificate Assistant in Keychain Access? I’ve never used it; I just took a quick look at it now. It seems to handle traditional certificates and CAs; I don’t think that’s what you really want for your purpose.
Honestly, I haven’t really looked into certs and CAs much before. My guess is you can make yourself a CA, send your certificate to each person who then imports it into their keychain, and mail is auto signed when you send to that person. Certificates are meant to be used with a Certificate Authority. For websites, that could be Verisign. Within a company network, there’s CA. Perhaps within a specific group of people across the net, one person becomes the CA.
The most common way of signing email across the internet is probably PGP. I believe you can upload your public key to a key server, sign all your mail, and then anyone who wishes to verify your identity can use your public key. For OS X, you can use the mail plugin GPGMail.
No that is exactly what i want. It is a perfect way to encrypt emails, much easier than PGP.
Creating the certificate is no problem, and it is easy to put it in the right key chain. But i can not get mail to use the certificate i created myself to encrypt the message.
How many people encrypt their emails?
Ok. that’s cool. Personally, I would get a certificate issued from a trusted CA like Versign. You can import that to your keychain and I believe it would work.
I think you need to create a CA with OpenSSL and place it in your keychain.
I did that before. If you get a certificate from a trusted CA it is usally only vaid for one year. With the certificate manager you can set the exiery date yourself. And of course you can fill in all the information you like.
The only problem: mail will not use it.
mail will use it if you create a CA with OpenSSL and import it into your keychain.