S/MIME Encryption in Nextcloud 27 and Mail 3.2.0 does not work


I use Nextcloud 27 and the Mail app in version 3.2.0. I have imported my certificate from Actalis and can open old already encrypted emails. But I can not create encrypted emails, is that correct or should encrypting and signing with S/MIME also work?

Thanks in advance for your answers

Encryption and signing should work. But it can only work if the certificate can do it. I am not sure if this is the case for Actalis certs.

1 Like

Since the certificate works in Outlook, Thunderbird, Apple Mail (iOS / macOS) and SOGo, I assume that the necessary properties are available. Previously encrypted emails with other clients can also be opened in the Mail App. I just can’t do any signing or encryption in the Nextcloud Mail app.

The certificate is available from Actalis for free:

Here the properties of the certificate without my private data:

        Version: 3 (0x2)
        Serial Number:
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C = IT, ST = Bergamo, L = Ponte San Pietro, O = Actalis S.p.A., CN = Actalis Client Authentication CA G3
            Not Before: May 15 16:59:43 2023 GMT
            Not After : May 15 16:59:42 2024 GMT
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
            X509v3 Authority Key Identifier:
            Authority Information Access:
                CA Issuers - URI:http://cacert.actalis.it/certs/actalis-autclig3
                OCSP - URI:http://ocsp09.actalis.it/VA/AUTHCL-G3
            X509v3 Certificate Policies:
                  CPS: https://www.actalis.it/area-download
            X509v3 Extended Key Usage:
                TLS Web Client Authentication, E-mail Protection
            X509v3 CRL Distribution Points:
                Full Name:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
    Signature Algorithm: sha256WithRSAEncryption

That sounds like a bug then. Please report it at Sign in to GitHub Β· GitHub.

Hello! Are you getting any closer to solving the problem? I am asking because 7 weeks have already passed. We are currently evaluating whether to switch to Nextcloud and it is very unfortunate that one of the most important tools has an issue.

I see version 3.3.1 is out now.

The error has not been fixed yet.

NextCloud Mail: S/Mime certificate does not encrypte/sign messages #8552