On Oct 19, 2013, at 6:41 AM, Chris Leduc <chrisleduc@me.com> wrote:

Hello List!

I use a SuisseID Smartcard to send signed E-Mail through Outlook. Outlook recognizes that the smart card is inserted into the Mac and lets me sign it properly. However, Mail.app does not show me the usual sign/encrypt buttons.

The feature is still there, since it works when a certificate/key pair is installed directly in the keychain (from symantec in that instance).

Any experience with that?

Chris, Use of Mail for S/MIME (Sign/Encrypt) has no configuration required (unlike Outlook), but has the same requirements whether the identity is in a file-based keychain or a smartcard-based keychain: The RFC822Name in the Email Signing Certificate MUST match exactly to the Email Account Address you are sending from. This also includes the RFC requirement that everything to the left of the “@“ is case sensitive: Example: RFC822Name (Cert) Acct Address (Mail) Match ? Good: user@company.com user@company.com YES Fails: User@company.com user@company.com NO-> “U” < > “u” Fails: user@othercompany.com user@company.com NO-> "othercompany" <> "company" Make sure that you enter the email address in your Mail Account to match your RFC822Name in your email signing certificate. This same requirement exists for sending encrypted to a recipient — you need to have entered the same address that matches exactly to the RFC822Name in their certificate. - Shawn ____________________________________________________________________________ Shawn Geddis Enterprise Security Consulting Engineer, Apple (geddis@me.com) SCAP-On-Apple Project/Dev Lead: (SCAP-On-Apple.MacOSForge.Org) SmartCardServices Project/Dev Lead: (SmartCardServices.MacOSFforge.Org) ____________________________________________________________________________