Send encrypted e-mail using Mail and self-signed certificates

email, encryption, keychain, mail.app

I want to be able to send signed and encrypted e-mails between a Mac using Mail and another Mac using Thunderbird, by using self-signed certificates on both ends. I used to be able to do so, but over the years things have gotten more difficult on both ends. To make the Thunderbird end work, I now have to create a self-signed certificate authority and then use that to make an e-mail certificate. But I can't get encryption to work on the Mail end. (I think Apple broke it in Mountain Lion.) In my keychain on the Mail end, I have the CA from the Thunderbird end, which is marked as trusted, and the e-mail certificate created by that CA, which says "This certificate is valid". But when I create an e-mail going to the other Mac, the encryption button is dimmed.

I read somewhere that the secret is to add the "key encipherment" extension when creating the certificate, and I did that, but it still doesn't work.
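The certificate setup the question describes (a self-signed CA that issues an e-mail certificate carrying the "key encipherment" key usage), as an added example that is not part of the original post. It uses the OpenSSL command line rather than Keychain Access, and then checks which S/MIME-related extensions the issued certificate really carries; it inspects the certificate only and says nothing about what Mail itself requires. The CA name, the address `alice@example.test`, the file names and the choice of the other three extensions checked are assumptions made for illustration.

```shell
# Added example: CA name, address and file names are constructed, not from the post.
make_smime_pair() {   # $1 = work dir, $2 = e-mail address
    cat > "$1/ca.cnf" <<EOF
[req]
distinguished_name = dn
x509_extensions = v3_ca
prompt = no
[dn]
CN = Example Mail CA
[v3_ca]
basicConstraints = critical, CA:TRUE
keyUsage = critical, keyCertSign, cRLSign
EOF
    cat > "$1/leaf.ext" <<EOF
basicConstraints = CA:FALSE
keyUsage = critical, digitalSignature, keyEncipherment
extendedKeyUsage = emailProtection
subjectAltName = email:$2
EOF
    # Self-signed CA, then a key and signing request for the e-mail certificate.
    openssl req -x509 -newkey rsa:2048 -nodes -days 30 -config "$1/ca.cnf" \
        -keyout "$1/ca.key" -out "$1/ca.crt" 2>/dev/null || return 1
    openssl req -new -newkey rsa:2048 -nodes -config "$1/ca.cnf" \
        -subj "/CN=$2" -keyout "$1/leaf.key" -out "$1/leaf.csr" 2>/dev/null || return 1
    # The CA signs the request and applies the leaf extensions.
    openssl x509 -req -in "$1/leaf.csr" -CA "$1/ca.crt" -CAkey "$1/ca.key" \
        -CAcreateserial -days 30 -extfile "$1/leaf.ext" -out "$1/leaf.crt" 2>/dev/null
}

smime_report() {      # $1 = certificate, $2 = address; prints what is missing
    text=$(openssl x509 -in "$1" -noout -text) || return 2
    missing=0
    for want in "Key Encipherment" "Digital Signature" "E-mail Protection" "email:$2"; do
        case $text in *"$want"*) ;; *) echo "missing: $want"; missing=1 ;; esac
    done
    return $missing
}

chain_ok() {          # $1 = CA certificate, $2 = leaf; OpenSSL's own S/MIME purpose check
    openssl verify -purpose smimeencrypt -CAfile "$1" "$2" >/dev/null 2>&1
}

work=$(mktemp -d)
make_smime_pair "$work" alice@example.test
smime_report "$work/leaf.crt" alice@example.test && echo "leaf: all four properties present"
chain_ok "$work/ca.crt" "$work/leaf.crt" && echo "leaf: chains to the CA for S/MIME encryption"
smime_report "$work/ca.crt" alice@example.test || echo "CA: not usable as an e-mail certificate"
```

Running `smime_report` against a certificate exported from the keychain (in PEM form) shows at a glance whether the key usage and address binding ended up in the certificate as intended.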

Best Answer

Is there a reason you're trying this particular approach?

If your real question is how to send signed and encrypted email, I use GPG (through GPGTools). There is a plug-in that works with Thunderbird but I use Apple's Mail.