Evolution fails to send signed messages with S/MIME certificate
I have imported a certificate and the corresponding root certificates from a pkcs12 archive, all are trusted in the system trust store of my Fedora 32 system.
State 1: Decryption works, encryption works, signing fails
Directly after I open Evolution, Evolution can successfully decrypt a message M that was encrypted with my certificate. I can also send encrypted messages with the certificate. But when I want to send someone a signed message, Evolution shows an error message:
Could not create message. You may need to select different mail options. Detailed error: Cannot find certificate for “System Trust:My Name”
(with 'My Name' being my name)
I can solve this issue going to the account settings: I clear the signature certificate and encryption certificate (both are the same) for my account, then reselect them and close the settings. But on clicking "Send", I now get another error:
Could not create message. You may need to select different mail options. Detailed error: Uknown error. (-12285) - Failed to encode data
Googling I found that 12285 is a code for the SSL error SSL_ERROR_NO_CERTIFICATE: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/SSL_functions/sslerr.html I could not track down the error further than this.
Curiously, after having reselected my certificate in the account settings, Evolution changes behaviour, entering a "state 2":
State 2: Decryption fails, encryption works, signing fails
In this second state, Evolution fails to send signed messages, but still sends encrypted messages without error. However, it does no longer decrypt the same message M from the beginning. Instead it shows this error:
Could not parse S/MIME message: Cannot decrypt: you are not a recipient, or matching certificate and private key not found. (-8147) - Decoder failed
I can reproduce this behaviour after every restart of Evolution.