We're calling on all EU-based Mozillians with iOS or iPadOS devices to help us monitor Apple’s new browser choice screens. Join the effort to hold Big Tech to account!

Avatar for Username

Pesquisar no site de suporte

Evite golpes de suporte. Nunca pedimos que você ligue ou envie uma mensagem de texto para um número de telefone, ou compartilhe informações pessoais. Denuncie atividades suspeitas usando a opção “Denunciar abuso”.

Saiba mais

Esta discussão foi arquivada. Faça uma nova pergunta se precisa de ajuda.

New Windows Security pop up with Thunderbird 91

  • 2 respostas
  • 1 tem este problema
  • 1 exibição
  • Última resposta de christ1

opoplawski1
opoplawski1
more options

With the update to TB 91, we are seeing the attached pop up when composing a signed or encrypted email. I find this a little surprising because we are storing our email certificates directly in TB rather than in the windows certificate store. Could anyone shed more light on the changes to the way TB is dealing with signing certificates? Thanks.

With the update to TB 91, we are seeing the attached pop up when composing a signed or encrypted email. I find this a little surprising because we are storing our email certificates directly in TB rather than in the windows certificate store. Could anyone shed more light on the changes to the way TB is dealing with signing certificates? Thanks.
Capturas de tela anexadas

Todas as respostas (2)

opoplawski1
opoplawski1 Autor da pergunta
more options

Also, it seems like TB will try to make use of a smartcard if one is present even when configured to use a local TB cert for encryption.

christ1
christ1
  • Top 25 Contributor
more options

Try to set the pref security.enterprise_roots.enabled to false. For more information see https://bugzilla.mozilla.org/show_bug.cgi?id=1726442

Also, it seems like TB will try to make use of a smartcard if one is present even when configured to use a local TB cert for encryption.

If the private key is on the smartcard only, there's no way around that. The private key is needed to sign messages, and to read encrypted messages. If the private key is also present in the Thunderbird certificate store, then what is the point of using a smartcard at all?