This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Workaround for S/MIME certificate not downloadable in V9.510

Here's a workaround to get the S/MIME certificate.  Start by logging in with PuTTy at the command line. (How to use the Putty tool to access the command line)

1. Run a command as root that outputs the desired cert on your terminal.  My example is testuser@domain.com:

secure:/root # cc get_object $(cc get_object_by_name emailpki user testuser@domain.com | fgrep "'smime'" | grep -o "REF_[^']*") | sed -n -e "s/^.*'//" -e '/-----BEGIN CERTIFICATE-----/,/-----END CERTIFICATE-----/p'

2. Copy the following result into a Windows text editor and save it as testuser@domain.com.pem.

-----BEGIN CERTIFICATE-----
MIIEGzCCAwOgAwIBAgIEWp2mZDANBgkqhkiG9w0BAQ0FADBxMQswCQYDVQQGEwJ1
czEWMBQGA1UEBxMNT2tsYWhvbWEgQ2l0eTEYMBYGA1UEChMPTWVkaWFTb2Z0LCBJ
bmMuMRAwDgYDVQQLEwdHYXRld2F5MR4wHAYDVQQDExVwb3N0Lm1lZGlhc29mdHVz
YS5jb20wHhcNMTgwMzA1MjAxOTQ4WhcNMzgwMjI4MjAxOTQ4WjB3MQswCQYDVQQG
EwJ1czEYMBYGA1UEChMPTWVkaWFTb2Z0LCBJbmMuMRAwDgYDVQQLEwdHYXRld2F5
MRMwEQYDVQQDEwpCb2IgQWxmc29uMScwJQYJKoZIhvcNAQkBFhhiYWxmc29uQG1l
ZGlhc29mdHVzYS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDj
tx2LXXUE7WvJNAdER9F8/8XhBn574VproTPcKGy4ry/Qf1xU/wDI8mEPsPksGXve
cCm/imXj024RmF1/tFMG2YKTas2AdJzDI+Wev25e/QkMucdTLyDxx4AnyuaYmojJ
dSqJ3jxJP17d3mu8He14oYJjnOxsgzu9Zg0r62/c9ci7WdmC9fXrTPSr5LVNnUFq
6vctDsL2SND0sJEKwK7iD+wPyE8zDiUr39FeXACkJv6IaWeQWCKuP3V6RN+fh0YQ
fra696N+8hmkoEgqlKlX7hnU81lHVyrnbNdLBVnT1eY/fxMmA9xSqWDeqUIphH3T
bYnLS01ebTrts3A12tL9AgMBAAGjgbQwgbEwCQYDVR0TBAIwADARBglghkgBhvhC
AQEEBAMCBLAwLAYJYIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRp
ZmljYXRlMB0GA1UdDgQWBBRx0ecNn2ct+ot0LWXNiwEB5acY+zAfBgNVHSMEGDAW
gBTiK75jVXrVKPKWAQbi/QvOFRSd/zAjBgNVHREEHDAagRhiYWxmc29uQG1lZGlh
c29mdHVzYS5jb20wDQYJKoZIhvcNAQENBQADggEBAFOGWwoEt8fOCqj2+s+atka/
e0v6Cn+UiQXPYMwZDx2G42Mbu3heLNGFd4MM3/OAB4B1OGbMkeoeJDcuEWlBZeBe
5pZP3bWimMQQ4xYkjCtRfTLrXbBMXNUwUT3SdaROvNpl3nbAhokt6JwtkE+rll32
rOqsFjNdIeab1S0O82+uqrNGSRVdON4K0OmmjC00BD62EyYdZohsyYMh/VHDGG87
YS98o3yZULRoZEgagstbrYD52RtJbeUb/Shd8/m4AENm7WpH47EyvXVa06EzvEKU
siiU2d/9dDJwE8G7cvvseA7g68abzwDaB7G6tiP6lLSPIlVCszU76b2G428RHew=
-----END CERTIFICATE-----

Cheers - Bob



This thread was automatically locked due to age.
Parents
  • Hi Bob,

     

    Hope you are well and 2019 is treating you well. I have a question here, seems I don't know which directory to run this from, since all I get is file not found when running for domain email address. I am running into the same SC230 and 9.510-5. Nothing urgent, just wanted to be counted as encountering issue.

     

    Thanks,

     

    Joel

  • This is about using S/MIME encryption, Joel.  If you haven't set up the email address as an Internal User in 'Encryption', the above command won't find the certificate.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • This is about using S/MIME encryption, Joel.  If you haven't set up the email address as an Internal User in 'Encryption', the above command won't find the certificate.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
No Data