Using your digital signature in Mozilla Thunderbird for Linux

От Infonotary
Версия от 16:26, 2 ноември 2021 на Inskushev (беседа | приноси)
(разл) ← По-стара версия | Текуща версия (разл) | По-нова версия → (разл)
Направо към навигацията Направо към търсенето

Before you proceed you must do

  • If you have smart card reader and smart card from InfoNotary, but you didn't install the drivers for them do the following use repositories of InfoNotary
  • IMPORTANT : In the information message "Please enter the master password for InfoNotary", enter your PIN code.
  • IMPORTANT : Firefox and Thunderbird use direct access to the smart card. When you have successfully installed your certificates, you SHOULD NOT delete them from there, as this will also delete the certificate, along with the private and public keys on the smart card. After that, the certificate cannot be restored and a new one must be issued.
  • IMPORTANT : In order to use your certificate with Firefox and Thunderbird, the reader must be on your computer before opening the program.

Install Infonotary certificate chain

Start Mozilla Thunderbird. From the menu, select Preferences.

Thunderbird1.png

From Privacy & Security select Manage Certificates.

Thunderbird2.png

Choose the tab Your certificates and click on Import.

Thunderbird3.png

From the window that appears, select the pre-downloaded certification chain - InfoNotary_Qualified_eIDAS.p12

Import Qualifief Linux.png

Leave the field blank and click OK.

Thunderbird5.png

Newly installed certificates can be found in section Authorities.

Thunderbird6.png

In Mozilla for every certificate of a Certification Authority (CA) the user must choose a level of trust. This is done by selecting the certificate and clicking on Edit Trust. The easiest way to do this setting for the certificate "InfoNotary TSP Root" select two possible options. This will make all the InfoNotary trusted certificates for all operations.

Thunderbird7.png


Install software security module

Start Mozilla Thunderbird. From the menu, select Preferences.

Thunderbird1.png

From Privacy & Security, choose Security Devices.

Thunderbird8.png

To add a new device, choose Load.

Thunderbird9.png

Change the name of the module (Module Name), as desired.

Thunderbird10.png

Choose PKCS#11 library, that correspondents to your smart card.

OpenSC - in dependents of your distribution, which you use, it could be:

  • 64 bits Debian distributions (Debian, Ubuntu, Mint) - /usr/lib/x86_64-linux-gnu/opensc-pkcs11.so
  • 32 bits Debian distributions (Debian, Ubuntu, Mint) - /usr/lib/i386-linux-gnu/opensc-pkcs11.so
  • Old versions of Debian/Ubuntu and 32 bit versions of RedHat/Fedora - /usr/lib/opensc-pkcs11.so
  • 64 bit versions of RedHat/Fedora - /usr/lib64/opensc-pkcs11.so

Bit4ID

  • Standart location - /usr/lib/libbit4ipki.so
  • 64 bit version of RedHat/Fedora - /usr/lib64/libbit4ipki.so

Siemens

  • Standart location - /usr/local/lib/libsiecap11.so

After you click OK, your smart card will appear in the list of available devices.

Thunderbird11.png


Configuring use profile in Thunderbird

In order for you to sign your outgoing mails, you have to associate your account with your digital signature on your smart card. To do this follow the steps below:

From the menu, select Account Settings.

Thunderbird12.png

Press the Select button on "Personal certificate for digital signing" and "Personal certificate for encryption"

Thunderbird13.png

A window will appear where you can specify your certificate.

Thunderbird14.png

Choose the appropriate certificate from the smart card and confirm by clicking OK.


Thunderbird will offer you to choose the same certificate for decrypting messages send to you.