Outlook flags S/MIME signatures from CFMAIL as invalid
- February 28, 2023
- 1 reply
- 601 views
Hello,
I am trying to send out signed emails with an S/MIME signature through CFMAIL, and I have been able to get it working. However, when the emails are received in Outlook, the signature is flagged as invalid. On other mail clients, such as the Apple Mail App, the signature is flagged as valid. What's more, after inspecting the certificate / signature in Outlook, the signature is suddenly valid and any incoming messages with this signature are no longer flagged (See attached image. After clicking the Button marked Red, the Cert becomes valid).
I have tested this on many different versions of CF from 11 to 2021 with the same result. I have also tried converting the signature to other formats, such as .jks.
I imported the certificates used into different mail clients such as Thunderbird and Outlook to test if the certificates are really invalid. However, when sending emails directly from these mail clients and signing them, I did not get any messages that the certificates were invalid.
This makes me believe that the problem is related to how CFMAIL is signing the mail, as the certificates work as expected in other software.
Below is the code I used for testing:
<cfmail
from="some@mail.com"
to="other@mail.com"
subject="Mail with Digital Signature"
sign="true"
<!--- Also tried converting to .jks format --->
keystore="#(ExpandPath("cert_file.p12"))#"
keystorepassword="SecurePassword"
<!---
encrypt="true"
encryptionalgorithm="AES256_CBC"
keyalias="crypto"
keypassword="SecurePassword"
--->
username="some@mail.com"
password="SecurePassword"
server="mailspool.mail.com"
port="25"> <!--- Also tried secure connections (465, SSL etc.) --->
Hello there!
</cfmail>
I am looking for any advice on how to solve this issue, and would appreciate any help.
Thank you!
AdChoices