Version 1.29.0-1772 - Beta version on Google Play

[Radoslav Stoyanov]

https://www.aqua-mail.com/download/AquaMail-market-1.29.0-1772-stable-f252a8d0a.apk

Hi all,

Version 1.29.0-1772 is our latest beta version published on Google Play.

In this version of Aqua Mail:

- Fortified our user privacy by adding support for S/MIME encryption and signing (IMAP & POP3)
- Adapted the app for Portuguese (Brazil) language and improved Spanish translations.
- Fixed a few bugs and improved app performance.

To enroll to our Beta Group, please use this link.

https://play.google.com/apps/testing/org.kman.AquaMail

We'd really appreciate all user feedback regarding the new S/MIME encryption and message signing feature.
If you're experiencing any issues, you can reply to this thread or email us at support/at/aqua-mail/dot/com with a more detailed description of what the exact issue is.


В этой версии Aqua Mail мы:

- Мы повысили конфиденциальность наших пользователей, добавив поддержку шифрования и подписи S/MIME (для IMAP и POP3)
- Адаптировали приложение для португальского (Бразилия) языка и улучшили переводы на испанский
- Исправили несколько ошибок и улучшили производительность приложения


Regards,
Radoslav

[Deltafox]

Work fine s/MIME.. I have 3 questions

1) The s/MIME Certificate is stored in aquamail db and not in android certificate?

2) I have yubiko 5 key can implement the smime token by nfc? Whit Smart card PIV pcsk#11 and Added Support for token piv? Like k9 mail?

3) any eta for openPGP support

Thank for reply...

[HeikoE]

Hello,
thanks for implementing S/Mime!
Unfortunately I can not get it working, yet.
I have a class 3 certificate from the German service www.volksverschluesselung.de [nofollow]. It pretty straight forward in windows. I exported the key and could easily import it to aqua mails repository. Anyway, the encrypted test mail from the service could not be decrypted. Aqua mail claims, that S/Mime needs to be enabled, but that is already done.
I then put the volksverschluesselung root certificates to the Android repository, but that also did not help.
Any additional advice?
Heiko

[MegaTronics]

I tried to import my pfx email certificate. I can select it and enter the password, but then nothing happens. It doesn't show up in the list. Any idea what is going wrong?

[Nedialko Kondev, MobiSystems, AquaMail Support]

Hi,

Please open Account Settings > End-to-end encryption > Certificate repository > snap a screenshot from there and send it to support@aqua-mail.com

In addition to that, let us know which certificate issuer/CA. And please note that, if this is an Exchange account, S/MIME for EWS is not supported in this version. We'll have it up and running within a couple of weeks. We expect your reply.

I tried to import my pfx email certificate. I can select it and enter the password, but then nothing happens. It doesn't show up in the list. Any idea what is going wrong?

[Radoslav Stoyanov]

Hello,
thanks for implementing S/Mime!
Unfortunately I can not get it working, yet.
I have a class 3 certificate from the German service www.volksverschluesselung.de. It pretty straight forward in windows. I exported the key and could easily import it to aqua mails repository. Anyway, the encrypted test mail from the service could not be decrypted. Aqua mail claims, that S/Mime needs to be enabled, but that is already done.

Hello HeikoE,

Please navigate to your certificate repository from the End-To-End encryption menu and enable the certificate that you have added (Settings -> Manage accounts -> Tap on End-To-End encryption-> Certificate repository -> Tap on your certificate to enable it). We're going to have to change the behavior so that if you've added your own certificate it is enabled, as this will be confusing for a lot of users. Please let us know if this fixed the issue.

Regards,
Radoslav

[MegaTronics]

Hi,

Please open Account Settings > End-to-end encryption > Certificate repository > snap a screenshot from there and send it to support@aqua-mail.com

In addition to that, let us know which certificate issuer/CA. And please note that, if this is an Exchange account, S/MIME for EWS is not supported in this version. We'll have it up and running within a couple of weeks. We expect your reply.

I tried to import my pfx email certificate. I can select it and enter the password, but then nothing happens. It doesn't show up in the list. Any idea what is going wrong?

The certificate is the Personal S/MIME from Sectigo,  ICA is Sectigo RSA Client Authentication and Secure Email CA and CA is Sectigo.

The list on the app at the point Certificate repository is empty after adding this certificate.

[Nedialko Kondev, MobiSystems, AquaMail Support]

Hello again,

We also use Sectigo with no issues on our end. Please send a Signed message to this email address smime3@mobisystems.com so I can review the certificate information.

Please use a different app that Aqua Mail, or maybe Thunderbird on PC or something else that surely works.

Hi,

Please open Account Settings > End-to-end encryption > Certificate repository > snap a screenshot from there and send it to support@aqua-mail.com

In addition to that, let us know which certificate issuer/CA. And please note that, if this is an Exchange account, S/MIME for EWS is not supported in this version. We'll have it up and running within a couple of weeks. We expect your reply.

I tried to import my pfx email certificate. I can select it and enter the password, but then nothing happens. It doesn't show up in the list. Any idea what is going wrong?

The certificate is the Personal S/MIME from Sectigo,  ICA is Sectigo RSA Client Authentication and Secure Email CA and CA is Sectigo.

The list on the app at the point Certificate repository is empty after adding this certificate.

[MegaTronics]

Mail send

Hello again,

We also use Sectigo with no issues on our end. Please send a Signed message to this email address smime3@mobisystems.com so I can review the certificate information.

Please use a different app that Aqua Mail, or maybe Thunderbird on PC or something else that surely works.

Hi,

Please open Account Settings > End-to-end encryption > Certificate repository > snap a screenshot from there and send it to support@aqua-mail.com

In addition to that, let us know which certificate issuer/CA. And please note that, if this is an Exchange account, S/MIME for EWS is not supported in this version. We'll have it up and running within a couple of weeks. We expect your reply.

I tried to import my pfx email certificate. I can select it and enter the password, but then nothing happens. It doesn't show up in the list. Any idea what is going wrong?

The certificate is the Personal S/MIME from Sectigo,  ICA is Sectigo RSA Client Authentication and Secure Email CA and CA is Sectigo.

The list on the app at the point Certificate repository is empty after adding this certificate.

[Nedialko Kondev, MobiSystems, AquaMail Support]

Hi,

Please check your email. I think we have fixed the problem

Mail send

Hello again,

We also use Sectigo with no issues on our end. Please send a Signed message to this email address smime3@mobisystems.com so I can review the certificate information.

Please use a different app that Aqua Mail, or maybe Thunderbird on PC or something else that surely works.

Hi,

Please open Account Settings > End-to-end encryption > Certificate repository > snap a screenshot from there and send it to support@aqua-mail.com

In addition to that, let us know which certificate issuer/CA. And please note that, if this is an Exchange account, S/MIME for EWS is not supported in this version. We'll have it up and running within a couple of weeks. We expect your reply.

I tried to import my pfx email certificate. I can select it and enter the password, but then nothing happens. It doesn't show up in the list. Any idea what is going wrong?

The certificate is the Personal S/MIME from Sectigo,  ICA is Sectigo RSA Client Authentication and Secure Email CA and CA is Sectigo.

The list on the app at the point Certificate repository is empty after adding this certificate.

[HeikoE]

Hello,
thanks for implementing S/Mime!
Unfortunately I can not get it working, yet.
I have a class 3 certificate from the German service www.volksverschluesselung.de [nofollow]. It pretty straight forward in windows. I exported the key and could easily import it to aqua mails repository. Anyway, the encrypted test mail from the service could not be decrypted. Aqua mail claims, that S/Mime needs to be enabled, but that is already done.

Hello HeikoE,

Please navigate to your certificate repository from the End-To-End encryption menu and enable the certificate that you have added (Settings -> Manage accounts -> Tap on End-To-End encryption-> Certificate repository -> Tap on your certificate to enable it). We're going to have to change the behavior so that if you've added your own certificate it is enabled, as this will be confusing for a lot of users. Please let us know if this fixed the issue.

Regards,
Radoslav

I had the individual certificate enabled. I'll try the next beta.

[MarkCanada]

I was able to get the certificate import working after I exported it Triple-DES/SHA-1. The AES256-SHA256 export of it didn't work.

It seems though that it is an all or nothing deal with the encryption.? Yes, it does ask if you send to someone without a certificate to skip encryption, but this behaviour is useless to me personally.
The one person I am most likely to send encrypted e-mails to has an iPhone and because their all-or-nothing is even worse than this, she can't have a certificate on the phone. So if I add her certificate, she would not be able to read any e-mails that I send to her on her phone, only on her desktop

Please make the behaviour similar to Outlook so the encryption (and signing) can be set on an individual e-mail. Like you can set the priority. Please...

[Nedialko Kondev, MobiSystems, AquaMail Support]

Hi Mark,

We know about the behavior. It is intended/by design. We did not plan to have this in the initial version, since it's a very big implementation, we're treading lightly. Thanks for sharing your opinion, if we get more users requesting the same, we'll definitely work on it.

I was able to get the certificate import working after I exported it Triple-DES/SHA-1. The AES256-SHA256 export of it didn't work.

It seems though that it is an all or nothing deal with the encryption.? Yes, it does ask if you send to someone without a certificate to skip encryption, but this behaviour is useless to me personally.
The one person I am most likely to send encrypted e-mails to has an iPhone and because their all-or-nothing is even worse than this, she can't have a certificate on the phone. So if I add her certificate, she would not be able to read any e-mails that I send to her on her phone, only on her desktop

Please make the behaviour similar to Outlook so the encryption (and signing) can be set on an individual e-mail. Like you can set the priority. Please...

[tossa-fan]

Hi,

I am of the opinion that it must be possible to choose whether to:

-just send
-send signed
-send encrypted

Just send should be default and the user should decide if signage or encryption is neccessary.
Exactly as with Priority or receipt confirmation.

Best regards, Jorge

Hi Mark,

We know about the behavior. It is intended/by design. We did not plan to have this in the initial version, since it's a very big implementation, we're treading lightly. Thanks for sharing your opinion, if we get more users requesting the same, we'll definitely work on it.

I was able to get the certificate import working after I exported it Triple-DES/SHA-1. The AES256-SHA256 export of it didn't work.

It seems though that it is an all or nothing deal with the encryption.? Yes, it does ask if you send to someone without a certificate to skip encryption, but this behaviour is useless to me personally.
The one person I am most likely to send encrypted e-mails to has an iPhone and because their all-or-nothing is even worse than this, she can't have a certificate on the phone. So if I add her certificate, she would not be able to read any e-mails that I send to her on her phone, only on her desktop

Please make the behaviour similar to Outlook so the encryption (and signing) can be set on an individual e-mail. Like you can set the priority. Please...

[Nedialko Kondev, MobiSystems, AquaMail Support]

Hi Jorge,

Thanks for sharing.

Regards,
Nedialko

Hi,

I am of the opinion that it must be possible to choose whether to:

-just send
-send signed
-send encrypted

Just send should be default and the user should decide if signage or encryption is neccessary.
Exactly as with Priority or receipt confirmation.

Best regards, Jorge

Hi Mark,

We know about the behavior. It is intended/by design. We did not plan to have this in the initial version, since it's a very big implementation, we're treading lightly. Thanks for sharing your opinion, if we get more users requesting the same, we'll definitely work on it.

I was able to get the certificate import working after I exported it Triple-DES/SHA-1. The AES256-SHA256 export of it didn't work.

It seems though that it is an all or nothing deal with the encryption.? Yes, it does ask if you send to someone without a certificate to skip encryption, but this behaviour is useless to me personally.
The one person I am most likely to send encrypted e-mails to has an iPhone and because their all-or-nothing is even worse than this, she can't have a certificate on the phone. So if I add her certificate, she would not be able to read any e-mails that I send to her on her phone, only on her desktop

Please make the behaviour similar to Outlook so the encryption (and signing) can be set on an individual e-mail. Like you can set the priority. Please...