Email SMIME Certificates Without Authentication

Moderator: crythias

Mandrake981
Znuny newbie
Posts: 1
Joined: 16 Mar 2018, 16:48
Znuny Version: OTRS 5
Real Name: Randall Hobbs
Company: Excellus Solutions

Post by Mandrake981 »

Hey guys,

We're running the latest version of 5.0 (otrs-5.0.26-01.noarch). We have been running this version for a while now (V5 - successfully) and have had zero problems with it. Now, because of some changes further up the chain, our customer base is having to either sign or encrypt their email. Because of this, we need to set up OTRS to pull certificates out of an LDAP directory (because all of the public certificates are able to be pulled from there), but we do not want to handle ANY authentication there (because the OTRS database already has all of the information there - including all customers, and they can successfully log in if needed). Essentially, we want all incoming emails to have the email address pulled, then have it pull the certificate from the LDAP directory for them (I have a majority of the LDAP details, and I can test as needed) so that it can store that certificate and use it whenever needed. We already have a certificate set up (SMIME) in OTRS, so we can send the responses signed, but until we can have it pull the certificate and handle the signed email, all we get is the following inside of OTRS:
Screenshot from 2018-03-16 08-09-47.png
This is what I am trying to alleviate. The LDAP source would pull all certificates (I'm assuming) to make this functional and show it as legitimate. I want it to show as it should, not what they're having to do now (in most instances, they can open that smime.p7m file and view what's in it, which includes the text from the message, but I am pretty sure OTRS can handle that part automatically, so I'd like to make it function as such).

Again, the OTRS MySQL database has ALL of the login credentials there, as well as all customer details. All I want to do is pluck the public certificate from an LDAP server using the customer's email address (when email is sent from them to OTRS), and once it retrieves it, go about normal business with that.

Can someone point me in the right direction here?

Thanks!