Mon, 06 Apr 2026 08:17:54 +0000 https://bugs.horde.org/ticket/5986 Problem importing public keys for S/MIME X.509 certificates may contain email addresses in the subject. But it is also possible to move the email address from the subject to the subject alternative name. Horde looks for the mail address only in the subject of the certificate during the import of the public key. If the address was moved from the subject to the subject alternative name horde is unable to import the public key. I hope this small patch for smime.php is suitable. Thu, 13 Dec 2007 10:03:34 +0000 https://bugs.horde.org/ticket/5986#t39748 There was no patch attached. Thu, 13 Dec 2007 18:19:56 +0000 https://bugs.horde.org/ticket/5986#t39792 the patch for smime.php *** framework/Crypt/Crypt/smime.php-orig Wed Aug 22 11:48:04 2007 --- framework/Crypt/Crypt/smime.php Wed Dec 12 16:00:45 2007 *************** *** 1250,1255 **** --- 1250,1265 ---- } elseif (isset($key_info['subject']['emailAddress'])) { return $key_info['subject']['emailAddress']; } + } + // Hg: the email address could be moved from the subject to the + // subjectAltName field + if (is_array($key_info) && isset($key_info['extensions'])) { + if (isset($key_info['extensions']['subjectAltName'])) { + $val = $key_info['extensions']['subjectAltName']; + if (trim(stripos($val, "mail:")) == 1) { + return substr($val, 7); + } + } } return null; Thu, 13 Dec 2007 18:25:10 +0000 https://bugs.horde.org/ticket/5986#t39808 Can you also provide an example cert that triggers this behavior? Thu, 13 Dec 2007 18:52:56 +0000 https://bugs.horde.org/ticket/5986#t39832 I was able to generate a test for this, including a multi-valued subjectAltName set of email addresses, and committed a similar patch (that also handles multiple values correctly). Fri, 28 Dec 2007 22:26:51 +0000 https://bugs.horde.org/ticket/5986#t40496