Android Native Mail Unable To Display E-mail With Digital Signature
Hello!
I have a Samsung Galaxy S3 (I know very legacy, but I am waiting for the S7) and when I receive e-mails that have a Digital Signature, I do not see the contents of the e-mail. When I open the e-mail, the body of the e-mail states "Encrypted email" and button that states "Decrypt message." When I click on the Decrypt message button, I receive "Unable to display encrypted message. Certificate not installed.
Any assistance would be most helpful and appreciated.
What are your thoughts?
I have a Samsung Galaxy S3 (I know very legacy, but I am waiting for the S7) and when I receive e-mails that have a Digital Signature, I do not see the contents of the e-mail. When I open the e-mail, the body of the e-mail states "Encrypted email" and button that states "Decrypt message." When I click on the Decrypt message button, I receive "Unable to display encrypted message. Certificate not installed.
Any assistance would be most helpful and appreciated.
What are your thoughts?
ASKER
Thank you for this info. I had imported the certificate.
Where can I buy or download the PKCS#12 file?
Where can I buy or download the PKCS#12 file?
Do you host your mail server?
If yes, you should have the PKCS#12 file.
If yes, you should have the PKCS#12 file.
ASKER
Our Exchange Mail server is hosted externally by Sungard, but I have access to the Exchange 2010 servers. What are the steps on obtaining the PKCS#12 file from the Exchange Mail Server?
Thank you for all of your assistance with this!
Thank you for all of your assistance with this!
The info below might be useful for you to extract the PKCS#12 file from the windows server where the exchange 2010 is hosted.
"1. Click start > run
2. Type MMC and click OK
3. Click on File > Add/Remove Snap-in…
4. Select Certificates and click Add
5. Select Computer Account, click Next
6. Leave Local Computer selected, click Finish
7. Click Ok / Close
8. You will be back at the MMC console and it will show the Certificates Snap-In
9. Expand Certificates, expand Personal, click Certificates
10. Right click your certificate > All Tasks > Export
11. Certificate Export Wizard will appear, click Next
12. Select “Yes, export the private key” > Next
13. Select “Personal Information Exchange – PKCS #12 (.PFX)”
14. Leave the checkboxes below unchecked.
Note: If you select “include all certificates…” then it will export the intermediate certificates as well, the problem is when you import them it will import the intermediate certificates into the personal store and not the intermediate store. So it’s best to manually import your intermediate certs following the steps from your cert provider.
15. Make up a password to secure the exported .pfx certificate file
16. Pick a location to save the exported .pfx certificate file > Save > Finish"
Source: enterpriseit.co/windows-se
"1. Click start > run
2. Type MMC and click OK
3. Click on File > Add/Remove Snap-in…
4. Select Certificates and click Add
5. Select Computer Account, click Next
6. Leave Local Computer selected, click Finish
7. Click Ok / Close
8. You will be back at the MMC console and it will show the Certificates Snap-In
9. Expand Certificates, expand Personal, click Certificates
10. Right click your certificate > All Tasks > Export
11. Certificate Export Wizard will appear, click Next
12. Select “Yes, export the private key” > Next
13. Select “Personal Information Exchange – PKCS #12 (.PFX)”
14. Leave the checkboxes below unchecked.
Note: If you select “include all certificates…” then it will export the intermediate certificates as well, the problem is when you import them it will import the intermediate certificates into the personal store and not the intermediate store. So it’s best to manually import your intermediate certs following the steps from your cert provider.
15. Make up a password to secure the exported .pfx certificate file
16. Pick a location to save the exported .pfx certificate file > Save > Finish"
Source: enterpriseit.co/windows-se
ASKER
Thank you again for all of you assistance! I appreciate all of your help and guidance!
I exported our webmail.domain,com certificate to a pkcs#12.pfx file and successfully imported it onto my Samsung S3 - e-mail Security Options> Email encryption cert. When I try to open the e-mail that contains Digital Signature (from a vendor outside my company), I open the email, click on Decrypt message, and I am still getting the message of "Unable to display encrypted message. Certificate not installed."
Just curious - Do I need to obtain this certificate from the vendor?
What are your thoughts?
I exported our webmail.domain,com certificate to a pkcs#12.pfx file and successfully imported it onto my Samsung S3 - e-mail Security Options> Email encryption cert. When I try to open the e-mail that contains Digital Signature (from a vendor outside my company), I open the email, click on Decrypt message, and I am still getting the message of "Unable to display encrypted message. Certificate not installed."
Just curious - Do I need to obtain this certificate from the vendor?
What are your thoughts?
I think that it should be the exchange activesync certificate, not the webmail SSL.
Exporting the exchange activesync certificate is using Export-ExchangeCertificate
https://technet.microsoft.com/en-us/library/bb310778(v=exchg.141).aspx
Details procedure is listed in the link below.
https://exchangeserverpro.com/export-an-exchange-server-2010-certificate-to-exchange-2003/
Then, it comes to how to import the .p12 file into an android device.
According to another question in EE forum, it says:
"Solution was :
- rename the pfx files into .p12
- copy to the root of the devide (NOT "usbStorage")
- install ..."
Source: https://www.experts-exchange.com/questions/27251026/Importing-certificates-on-an-Android-Samsung-GT-I9100.html
Exporting the exchange activesync certificate is using Export-ExchangeCertificate
https://technet.microsoft.com/en-us/library/bb310778(v=exchg.141).aspx
Details procedure is listed in the link below.
https://exchangeserverpro.com/export-an-exchange-server-2010-certificate-to-exchange-2003/
Then, it comes to how to import the .p12 file into an android device.
According to another question in EE forum, it says:
"Solution was :
- rename the pfx files into .p12
- copy to the root of the devide (NOT "usbStorage")
- install ..."
Source: https://www.experts-exchange.com/questions/27251026/Importing-certificates-on-an-Android-Samsung-GT-I9100.html
ASKER
Jackie - Thank you again for all of your assistance with this!
I have imported the AutoSync certificate and when I click on the Decrypt message button on an e-mail with a Digital Signature, it will open the e-mail, but now it shows:
This is a multipart message in MIME format.
----
=_NextPart_000_017F_01D0F6
Content-Type: multipart/related;
boundary="----=_NextPart_0
------=_NextPart_001_0180_
Content-Type: multipart/alternative;
boundary="----=_NextPart_0
------=_NextPart_002_0181_
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding:
Just got it back.. her you go! (This was the original message from the sender)
However, there was a PDF attachment sent and I can not see the file in the e-mail.
Any ideas?
Thank you again for all of your assistance! I really appreciate it!
I have imported the AutoSync certificate and when I click on the Decrypt message button on an e-mail with a Digital Signature, it will open the e-mail, but now it shows:
This is a multipart message in MIME format.
----
=_NextPart_000_017F_01D0F6
Content-Type: multipart/related;
boundary="----=_NextPart_0
------=_NextPart_001_0180_
Content-Type: multipart/alternative;
boundary="----=_NextPart_0
------=_NextPart_002_0181_
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding:
Just got it back.. her you go! (This was the original message from the sender)
However, there was a PDF attachment sent and I can not see the file in the e-mail.
Any ideas?
Thank you again for all of your assistance! I really appreciate it!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
https://support.quovadisglobal.com/KB/a404/how-do-i-sign-and-encrypt-emails-on-a-samsung-galaxy-device.aspx