Video Screencast Help

PGP Messenging signs for one key but not another

Created: 19 Mar 2011 • Updated: 20 Mar 2011 | 5 comments
This issue has been solved. See solution.

Hi,

I am running PGP Desktop Home V10.1.1 on Vista 32bit.

I am using Outlook 2007.

When I try to sign a message or encrypt using a service linked to an iprimus.com.au email account, it all works fine.

When I try using a service linked to a eureka32.flexihostings.net email account it just sends the message as a normal email without the Notifier poping up and no sign or encryption.

Email proxy is turned on, and I have let PGP automatically create the messenging service and also tried manually creating it.

I have tried setting the server settings to altenate ports with no success.

I have followed all the Tom McCune suggestions to other people  in the PGP forums but still no success.

Outlook has authentication on for outgoing emails and SSL/TLS disabled so PGP can handle that.

The PGP log shows no obvious errors other than this line in the log.  Looking at the Symantic help FAQs indicates that this should not prevent encryption.

21:46:14 Email     Warning    Server eureka32.flexihostings.net presented a TLS certificate that was issued by an unknown Certificate Authority (issuer: CN=eureka.flexihostings.net, EMAIL=ssl@eureka.flexihostings.net, OU=Unknown, O=Unknown, L=Unknown, ST=Unknown, C=US)

Any assistance would be appreciated as this problem is driving me nuts.  The main reason I purchased PGP was to automatically sign and encrypt emails when using the the Eureka account.

Regards,

Phil

Comments 5 CommentsJump to latest comment

Tom Mc's picture

I don't think that Warning message would indicate a problem IF the first time you got it, you selected the option of always accepting that certificate.

If you didn't, you could delete the PGP messaging service, and let it be recreated, and then do so.  Just deleting the service and letting it be recreated may take care of the problem anyway - sometimes it does for no apparent reason.

When you consider your issue resolved, please click Mark As Solution on the most helpful response.

Search the Knowledge Base &

NMOHS's picture

Thanks for the quick reply Tom.

I do not get a popup window that gives me an option to accept the certificate just a log entry to say it is invalid.

I have tried deleting the service and letting it recreate, but that has not solved the problem.  The emails from that service are not signed or encrypted.

Regards,

Phil

NMOHS's picture

Hi Again Tom,

I just tried deleting the service again, but this time when it recreated, I told it to generate a new key but it still does not work.  I also do not a get a popup to accept the TLS certificate.

The TLS popup does occur for a gmail account though.

Here is the log for the test attempt after I recreated the account.  This time it used the ip address 67.228.198.32 for the server instead of flexihostings.net

 

22:32:30 Email      Verbose    Successful connect on port 995

22:32:32 Email      Verbose    TLS session established with 67.228.198.32

22:32:33 Email      Warning    Server 67.228.198.32 presented a TLS certificate that was issued by an unknown Certificate Authority (issuer: CN=eureka.flexihostings.net, EMAIL=ssl@eureka.flexihostings.net, OU=Unknown, O=Unknown, L=Unknown, ST=Unknown, C=US)

22:32:33 Email      Verbose    TLS remote auth key: eureka.flexihostings.net <ssl@eureka.flexihostings.net>

22:32:33 Email      Verbose    Connected to server at 67.228.198.32

22:32:34 Email      Verbose    Looking for account data for user ec-pres@otoaustralia.org.au

22:32:34 Email      Verbose    Found existing account list entry for 67.228.198.32

22:32:34 Email      Verbose    Existing entry is ec-pres@otoaustralia.org.au

22:32:37 Email      Info       Processing message from ec-pres@otoaustralia.org.au with subject: test

As you can see, it processes the messages but does not encrypt or sign.  The otoaustralia.org.au address is hosted on flexihostings and I have also tried manually creating a service with mail.otoaustralia.org.au instead of the ip address for the smtp server, but that did not work either.

One more thing, in the log I can see an entry "Proxying SMTP for iprimus" but I only get a "Proxying POP" for the flexihostings account that does not work.  I have tried manually changing the port for SMTP to 26 which is suggested by flexihostings for TLS connections, but still no joy.

Anything else I can try?

Regards,

Phil

NMOHS's picture

Hi again,

Definately found the problem now.  I had to manually set PGP server settings to use STARTTLS and port 25 with this service.  Just tested and it is encrypting and signing fine now.  It also finally popped up the message to allow me to always use the certificate.

Regards,

Phil

SOLUTION
Tom Mc's picture

Glad to hear you have this resolved!

When you consider your issue resolved, please click Mark As Solution on the most helpful response.

Search the Knowledge Base &