Hi,

I'm drowning in frustration with my repeatedly failed attempts to set
up
encryption and digital signatures capabilities for my e-mail using
self-signed
certificates (it is for correspondence with a handful of people ---
relatives
and close friends)

Here's what I tried:

Thunderbird 2.0.0.12 running on Ubuntu Linux (7.04)

1) Create self-signed certificate:

openssl genrsa -out k.key 1024
openssl req -new -x509 -days 365 -key k.key -out c.crt

2) Convert it to PKCS-12 format:

openssl pkcs12 -export -in c.crt -inkey k.key -out zico.p12 -name
"Zico"

(without the -inkey, it won't work --- however, I'm unsure whether
that's the key the system is asking me for)

In the data it asks me for, I enter my e-mail address for "Common
Name", and then again the same e-mail address when prompted
for it [for the e-mail address]

3) Import the certificate:

On Thunderbird:

Edit -> Preferences ---> Advanced -> Certificates
Then, View Certificates -> Import

I select the file, then set up passwords, etc. etc.

4) Configure the security settings on my account.

While composing, I select "Digitally Sign this Message" --- it
complains that security settings have not been configured for
the account, and offers me to do it now. I select yes, and it
goes to the account settings --- I select the [only] certificate to
be used for this account.

Everything works without errors.

But then, when I try to send the message, I get the following
error:

"Sending of message failed. Unable to sign message. Please
check that the certificates [...] are valid and trusted"

I thought it might be because the *self-signed* nature of the
certificate, so I tried to add a Certificate Authority, indicating
the file c.crt --- it tells me that this certificate is already on
the
list.

What am I missing?

Thanks,
- Zico