A recent upgrade of Evolution and other libs (sorry, don't know what/when exactly) causes signing e-mails with S/MIME fail, with the following message after pushing Send: Could not create message. Because "Uknown error. (-12285) - Failed to encode data", you may need to select different mail options. According to http://www.mozilla.org/projects/security/pki/nss/ref/ssl/sslerr.html this could mean that my own certificate or the CA certificate is invalid. However, I didn't change anything, and my certificate is not expired. I also checked that the CA certificate is installed, valid (i.e. not expired) and that the Trust settings allow to use this certificate for e-mail contacts (in fact, all the checkboxes in that dialog are checked). As for the other possibilities named in the description of error code 12285, I have neither changed the passphrase for the password manager nor for the certificate. I already re-emerged and revdep-rebuilt all evolution, nss and openssl – to no avail. (I admit that this entire issue sounds like something on my side, but it worked before and I didn't do anything, except updating.) Reproducible: Always Steps to Reproduce: 1. Set up S/MIME signing with evolution 2. Set account to always sign outgoing messages 3. Try to write and send a message Actual Results: Can't sign messages, must deactivate checkbox at "Options → S/MIME sign" to send. Expected Results: Duh. lab ~ # emerge --info Portage 2.1.8.3 (default/linux/amd64/10.0/desktop, gcc-4.4.4, glibc-2.11.2-r0, 2.6.34-gentoo-r1 x86_64) ================================================================= System uname: Linux-2.6.34-gentoo-r1-x86_64-Intel-R-_Core-TM-_i7_CPU_960_@_3.20GHz-with-gentoo-2.0.1 Timestamp of tree: Sat, 10 Jul 2010 11:15:03 +0000 ccache version 2.4 [enabled] app-shells/bash: 4.1_p7 dev-java/java-config: 2.1.11 dev-lang/python: 2.6.5-r2, 3.1.2-r3 dev-util/ccache: 2.4-r8 dev-util/cmake: 2.8.1-r2 sys-apps/baselayout: 2.0.1 sys-apps/openrc: 0.6.1-r1 sys-apps/sandbox: 2.2 sys-devel/autoconf: 2.13, 2.65-r1 sys-devel/automake: 1.8.5-r4, 1.9.6-r3, 1.10.3, 1.11.1 sys-devel/binutils: 2.20.1-r1 sys-devel/gcc: 4.3.5, 4.4.4-r1 sys-devel/gcc-config: 1.4.1 sys-devel/libtool: 2.2.10 virtual/os-headers: 2.6.34 ACCEPT_KEYWORDS="amd64 ~amd64" ACCEPT_LICENSE="* -@EULA" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-march=core2 -msse4 -mcx16 -msahf -O2 -pipe" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/share/X11/xkb /usr/share/config /var/lib/hsqldb" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo" CXXFLAGS="-march=core2 -msse4 -mcx16 -msahf -O2 -pipe" DISTDIR="/usr/portage/distfiles" FEATURES="assume-digests buildpkg ccache distlocks fixpackages news parallel-fetch protect-owned sandbox sfperms strict unmerge-logs unmerge-orphans userfetch" GENTOO_MIRRORS="ftp://mirror.netcologne.de/gentoo/ http://mirrors.sec.informatik.tu-darmstadt.de/gentoo/ ftp://ftp.belnet.be/mirror/rsync.gentoo.org/gentoo/ http://ftp-stud.fht-esslingen.de/pub/Mirrors/gentoo/" LANG="en_US.UTF-8" LDFLAGS="-Wl,-O1" LINGUAS="de fr en" MAKEOPTS="-j1" PKGDIR="/usr/portage/packages" PORTAGE_CONFIGROOT="/" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/portage" SYNC="rsync://rsync.de.gentoo.org/gentoo-portage" USE="X a52 aac acl acpi aiglx alsa amd64 arts avi bash-completion berkdb bluetooth branding bzip2 cairo cdr cli consolekit cracklib crypt cups cxx dbus dri dri2 dts dv dvb dvd dvdr dvdread emboss encode exif fam fame ffmpeg firefox flac foomaticdb fortran gdbm gif gpm gtk gtk2 hal iconv imlib ipv6 jingle jpeg kde lcms libnotify mad matroska mikmod mmx mng modules mp3 mp4 mpeg mudflap multilib ncurses networkmanager nls nptl nptlonly ogg opengl openmp pam pango pcre pdf perl png policykit ppds pppd python qt qt3support qt4 readline reflection sdl session spell spl sse sse2 ssl subversion svg sysfs tcpd telepathy theora tiff truetype unicode usb userlocales v4l2 vlm vorbis vpx win64codecs x264 xcb xinerama xml xorg xulrunner xv xvid zlib" ALSA_CARDS="hda-intel usb-audio" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" ELIBC="glibc" INPUT_DEVICES="evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="de fr en" RUBY_TARGETS="ruby18" USERLAND="GNU" VIDEO_CARDS="radeonhd radeon" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account" Unset: CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, LC_ALL, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS
You can see what packages got updated checking at the end of /var/log/emerge.log Also, please check how does this work on a new created user account
Also run evolution from a terminal looking for errors shown on it when reproducing the bug
Sorry, I can't say what was emerged since the first occurence of this bug. When starting Evolution from command line, there's nothing helpful about my bug. Only: "(evolution:3105): e-data-server-DEBUG: Loading categories from "/home/lxg/.evolution/categories.xml" (evolution:3105): e-data-server-DEBUG: Loaded 31 categories (evolution:3105): evolution-network-manager-WARNING **: The name org.freedesktop.NetworkManager was not provided by any .service files" I tried with a different certificate, but had the same error. Then I tried with a different user, and it worked. Onle
(In reply to comment #3) > Then I tried with a different user, and it worked. This bug is not valid then since it's caused by some problem with old and inherited configurations. On the other hand, you could reopen this bug if you are able to know what steps are needed to reproduce the problem on a new created user account. For fixing evolution on your account, I would suggest you to try to move your old ~/.evolution to something like ~/.evolution.old and, then, try to copy some files to your fresh evolution profile until the problem reappears. If even with a fresh .evolution dir you are still getting the same problem, maybe the problem is in any other configuration directory involved with S/MIME signing, in that case I would suggest you to ask in forums.gentoo.org Good luck!
Little update on this one: I still don't know how this happened, but here are some clues: On my ~x86_64 Gentoo machine, I see a new directory, ~/.pki which appears to contain NSS cert databases. When I start evo 2.30.2 from a new system user created account and import certificates, it will create this directory. On a machine with Ubuntu 9.10 and Evo 2.28.? (dunno, it's at work now), this directory doesn't exist. The NSS certificates databases are in ~/.evolution on this machine. I also noticed some funny behaviour when I tried to remove or import certificates into the 2.30.2 Evo: e.g. I deleted a certificate, shut down Evo and started again … and the certificate was there again. But I cannot reproduce this anymore. (Just writing this in case anyone notices a similar behaviour.) However, there's a happy ending: I was able to recover my certificates from the Ubuntu machine with certutil/pk12util, a friendly hint at #evolution on irc.gimp.org and the following mailing list entry: http://www.mail-archive.com/mozilla-crypto@mozilla.org/msg03792.html Then I deleted my existing certificates in Evo, shut it down with “evolution --force-shutdown”, restarted again, and imported my certificates. Everything is fine now again!
Great :-)
