Solving S/MIME problems
This page is intended to help users investigate, diagnose and resolve problems encountered when using S/MIME in BlueMind webmail.
The browser does not allow the use of S/MIME
For a user to be able to use S/MIME via BlueMind webmail, a ServiceWorker must be available. There are several reasons why it may be unavailable:
- webmail connection not secure (no HTTPS, no padlock next to URL)
- browsing is in private mode
- browser settings do not allow this
Trust in this certificate could not be established
A certificate can be a source of error if it is expired, invalid, revoked, or if it is not recognized by a trusted authority.
The expected email address does not match the one in the certificate
The certificate could not be verified: the e-mail address used in the mail system does not correspond to any address identified by the certificate. To solve the issue, import the certificate from the other party. If the problem persists, contact the administrator.
The user's private key or certificate have not been imported
The user needs to import the files required for S/MIME operation: his public certificate and his private key. To do this, follow the procedure described here
The certificate is invalid
The content of the certificate could not be analyzed, as it probably does not comply with standard x509. Contact the administrator to resolve the problem.
The certificate's email address does not match the "From" field
A certificate is associated with an e-mail address.
In order to sign or encrypt a message, this e-mail address is used in the "From" field. Otherwise, this error message appears:
It is not possible to sign or encrypt a message with a secondary identity.
The signature could not be validated
When the electronic signature could not be verified or is corrupted, an error message appears:
The message has been corrupted
The message has been altered since the sender wrote it. This may have come from a malicious mail server or third party. The message can still be viewed by clicking on "View anyway", but with caution, as the integrity of the message could not be verified.
The signature is not valid
The sender's electronic signature could not be verified. The message can still be viewed by clicking on "View anyway", but with caution, as the sender's authenticity could not be verified.
Writing a signed message fails
Technical problems
A technical problem has occurred, please contact the administrator.
The encrypted message is not displayed
The recipient's certificate was not used to encrypt the message
The sender probably has the wrong version of the recipient's certificate. To solve the issue, follow the certificate import procedure
Preview not possible
When receiving an encrypted email attachment, the webmail does not support decryption during the preview of this attachment.
Encrypted message fails to be written
The recipient's certificate is missing
To send an encrypted message, the recipient must have a certificate recognized as a "trusted entity".
If this is not the case, an error message appears when the message is written, the security options are displayed in red and a 
icon identifies the recipient(s) concerned:
The problem can be solved by removing the user from the recipient list or by importing the user's certificate. To do this:
- ask the user to send a signed e-mail (or send the certificate as an attachment)
- import your certificate by clicking on the icon
:
If the contact is external to the organization, the administrator will probably have to take action to recognize the contact's organization as a "trusted entity".
Technical problems
A technical problem has occurred, please contact the administrator.