<div dir="auto">Can you use a command line client like openssl s_client to check the certificates? If a chained certificate it has to have the intermediate certificate in a particular order.</div><div><br><div class="gmail_quote gmail_quote_container"><div dir="ltr" class="gmail_attr">On Fri, Jul 18, 2025 at 11:30\u202fAM Phil Stracchino via rescue <<a href="mailto:rescue@sunhelp.org">rescue@sunhelp.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-style:solid;padding-left:1ex;border-left-color:rgb(204,204,204)">On 7/18/25 11:48, Stuff Received via rescue wrote:<br>
> On 2025-07-18 11:03, Phil Stracchino via rescue wrote:<br>
>> On 7/18/25 10:33, Patrick Giagnocavo wrote:<br>
>>> Surprisingly, <a href="http://search.brave.com" rel="noreferrer" target="_blank">search.brave.com</a> returns a useful result with their<br>
>>> blended "text snippets across sites" / "AI" feature.<br>
>>><br>
>>> Searching for "mutt ignore certificate s/mime" will get you links to<br>
>>> discussions of the problem and how to fix it.<br>
>><br>
>><br>
>> Hmm ... that only got me one useful-looking link I hadn't already<br>
>> found, to a 15-year-old discussion about mutt 1.5, and the one new<br>
>> suggestion it had to offer had no effect on the problem.<br>
>><br>
> <br>
> This may be redundant but I searched with duckduck.go and the following<br>
> were returned:<br>
> <br>
> <a href="https://superuser.com/questions/614985/in-mutt-how-to-extract-key-from-a-s-mime-signed-message-to-reply-encrypted" rel="noreferrer" target="_blank">https://superuser.com/questions/614985/in-mutt-how-to-extract-key-from-a-s-mime-signed-message-to-reply-encrypted</a><br>
> <br>
> <a href="http://www.mutt.org/doc/manual/#enc-smime" rel="noreferrer" target="_blank">http://www.mutt.org/doc/manual/#enc-smime</a><br>
<br>
<br>
Yeah, I'm not even trying to extract the key at this point, only to <br>
verify the signature. As far as I can tell, it is FUNCTIONALLY working, <br>
except that I suspect something in the chain disbelieves in the validity <br>
of the certificate. And I've followed the instructions for setting up <br>
that trust ... and it still doesn't work.<br>
<br>
<br>
-- <br>
Phil Stracchino<br>
Fenian House Publishing<br>
<a href="mailto:phils@caerllewys.net" target="_blank">phils@caerllewys.net</a><br>
<a href="mailto:phil@co.ordinate.org" target="_blank">phil@co.ordinate.org</a><br>
Landline: +1.603.293.8485<br>
Mobile: +1.603.998.6958<br>
<br>
_______________________________________________<br>
rescue list - <a href="http://sunhelp.org/mailman/listinfo/rescue_sunhelp.org" rel="noreferrer" target="_blank">http://sunhelp.org/mailman/listinfo/rescue_sunhelp.org</a><br>
</blockquote></div></div>