Skip Navigation
Expand
"There was a problem with your S/MIME Signature Certificate" error message
Answer ID 4853   |   Last Review Date 10/06/2018

Why are some contacts receiving an error message when trying to update an incident?

Environment: 

Oracle B2C Service Mailboxes, Techmail

Issue:

Some contacts are receiving an error when trying to update an incident:

There was a problem with your S / MIME Signature Certificate:
The certificate used to sign your email is untrusted.
(The incident was not updated. Please correct the above problem and
send your email again.)

Resolution: 

This rejection notification message appears when an untrusted S/MIME email certificate in the senders email is received in the Oracle Service mailbox. RightNow is indicating that the messages are signed with a certificate from a Certificate Authority that you have not chosen to trust. The security settings in the mailbox are specified on the Security tab within the Service Mailbox.

When emails are received containing an untrusted S/MIME certificate, they are discarded by the techmail application, unless that mailbox has the "Import untrusted certificates" checkbox selected in the Service Mailbox configuration.

To resolve this issue, you may consider selecting the "Import untrusted certificates" option on your specific service mailbox configuration. The only concern here is that the system would store invalid certificates associated with the contact and these cannot be purged by default in the future.

Another option is to disable signature certificates entirely. This is done through selecting the "Do not use S/MIME signature certificates" checkbox in the S/MIME section in the Security Tab in the Service Mailbox.

Please note, you may want to review these mailbox settings with your email administrator to be sure that it is within your mail security procedures.

Note: When working with S/MIME, if a contact sends an email using S/MIME the email can be blocked by Techmail regardless of your settings above if the email fails the integrity check. If a signed email is altered in any way during transit from the sender to Oracle, this will cause the integrity check to fail. This check does not distinguish between potentially legitimate reasons for the failure like SMTP forwarding, email clients modifying attachments, anti-virus, etc... Starting in the 18B version of Oracle B2C Service there is now a sub option under "Do not use S/MIME signature certificates" that allows the mailbox to ignore certificate integrity errors altogether. If the "ignore certificate integrity sign errors" checkbox is marked, Oracle B2C Service does not identify signed messages that have been altered during transit.
 

Available Languages for this Answer:

Notify Me
The page will refresh upon submission. Any pending input will be lost.