Consider the following scenario:
Consider Batul sending an email to Shabbir. When Batul sends a digital signature, she signs the email with her private key. And Shabbir will verify it with Batul's public key.
But when Batul sends an encrypted mail to Shabbir, she encrypts it with Shabbir's public key. And Shabbir will decrypt it with his private key.
Encryption by itself is not sufficient. Because the contents of the message are secret, but there is no guarantee that the mail has come from Batul. Batul has to send a digital signature to prove that she has sent the message and that the message has not been altered during transit.
In this tutorial, we create a local CA on Batul's machine. This local CA creates S/MIME certificates for users Batul and Shabbir.
We will then add Batul and Shabbir's certificate along with the CA certificate to their email clients. Then we will send encrypted mail.
Batul's Machine: On Batul's machine, perform the following steps.
1) Install package
[batul@server3 ~]$ sudo yum -y install openssl
2) Create S/MIME Certificate for Batul's email-id. Follow the following steps:
2.1) Create local CA. The CA certificate file '/etc/pki/CA/cacert.pem' will be added to Batul and Shabbir's email client.
[root@server3 ~]# /etc/pki/tls/misc/CA -newca
2.2) Create public-private key pair
[root@server3 ~]# openssl genrsa -out batul.key
2.3) Create a certificate signing request (CSR) for Batul's email address.
[root@server3 ~]# openssl req -new -key batul.key -out batul.csr
Country Name (2 letter code) [XX]:inState or Province Name (full name) []:maharashtra
Locality Name (eg, city) [Default City]:mumbai
Organization Name (eg, company) [Default Company Ltd]:my company ltd
Organizational Unit Name (eg, section) []:it
Common Name (eg, your name or your server's hostname) []:batul@mycompany.com
Email Address []:batul@mycompany.com
2.4) Sign the Certificate.
[root@server3 ~]# openssl ca -in batul.csr -out batul.crt
2.5) Create pkcs12 format file. The pkcs12 file combines the Certificate and key file into one file.
[root@server3 ~]# openssl pkcs12 -export -inkey batul.key -in batul.crt -out batul.pkcs12
Enter Export Password:
Verifying - Enter Export Password:
Batul's certificate files: batul.pkcs12, batul.crt
3) Create S/MIME Certificate for Shabbir's email-id. Follow the following steps:
3.1) Create public-private key pair
[root@server3 ~]# openssl genrsa -out shabbir.key
3.2) Create a certificate signing request (CSR) for Shabbir's email address.
[root@server3 ~]# openssl req -new -key shabbir.key -out shabbir.csr
Country Name (2 letter code) [XX]:inState or Province Name (full name) []:maharashtra
Locality Name (eg, city) [Default City]:mumbai
Organization Name (eg, company) [Default Company Ltd]:my company ltd
Organizational Unit Name (eg, section) []:it
Common Name (eg, your name or your server's hostname) []:shabbir@mycompany.com
Email Address []:shabbir@mycompany.com
3.3) Sign the Certificate.
[root@server3 ~]# openssl ca -in shabbir.csr -out shabbir.crt
3.4) Create pkcs12 format file. The pkcs12 file combines the Certificate and key file into one file.
[root@server3 ~]# openssl pkcs12 -export -inkey shabbir.key -in shabbir.crt -out shabbir.pkcs12
Enter Export Password:
Verifying - Enter Export Password:
Shabbir's certificate files: shabbir.pkcs12, shabbir.crt
4) Add Batul's Email Certificate, Shabbir's email certificate and C.A. Certificate in Evolution Email Client
Click Applications, click Office, Click Evolution.
In the Evolution main menu, Click Edit, Click Preferences.
In the left tab, click Certificates.
In the tab, Your Certificates, Click Import button.Select the file batul.pkcs12. (created above)
In the tab, Contact Certificates, Click Import button.Select the file shabbir.crt.
In the tab Authorities. Click Import button. Select the CA Certificate file cacert.pem. In the 'Certificate Authority Trust Window' select "Trust this CA to identify email users".
In the left tab, click Mail Accounts.
Select Account Name batul@mycompany.com, click Edit
In the left tab, Click Security.
In the section Secure MIME, for Signing Certificate select Batul's certificate and for Encryption Certificate select Batul's certificate.
Click OK.
5) Give the following files to Batul's friend Shabbir, to configure in his email client. Shabbir's pkcs12 certificate file: shabbir.pkcs12
Batul's certificate file: batul.crt
CA certificate file: cacert.pem
Shabbir's Machine: On Shabbir's machine, perform the following steps.
1) Add Shabbir's pkcs12 Certificate, Batul's Certificate and C.A. Certificate in Evolution Email Client
Click Applications, click Office, Click Evolution.
In the Evolution main menu, Click Edit, Click Preferences.
In the left tab, click Certificates.
In the tab, Your Certificates, Click Import button.Select the file shabbir.pkcs12.
In the tab, Contact Certificates, Click Import button.Select the file batul.crt.
In the tab Authorities. Click Import button. Select the CA Certificate file cacert.pem. In the 'Certificate Authority Trust Window' select "Trust this CA to identify email users".
In the left tab, click Mail Accounts.
Select Account Name shabbir@mycompany.com, click Edit
In the left tab, Click Security.
In the section Secure MIME, for Signing Certificate select Shabbir's certificate and for Encryption Certificate select Shabbir's certificate.
Click OK.
3) Send encrypted mail to Batul.
On the Evolution main screen, click New to Compose a new mail message
In the Compose Message menu, click Options. Click S/MIME Encrypt.
Enter Batul's email id and other email details and click Send to send the message.
The encrypted message has been sent. Batul's email client will decrypt the mail using her private key.
4) To sign the message Click S/MIME Sign in the Options menu item in the Compose Message window
Consider Batul sending an email to Shabbir. When Batul sends a digital signature, she signs the email with her private key. And Shabbir will verify it with Batul's public key.
But when Batul sends an encrypted mail to Shabbir, she encrypts it with Shabbir's public key. And Shabbir will decrypt it with his private key.
Encryption by itself is not sufficient. Because the contents of the message are secret, but there is no guarantee that the mail has come from Batul. Batul has to send a digital signature to prove that she has sent the message and that the message has not been altered during transit.
In this tutorial, we create a local CA on Batul's machine. This local CA creates S/MIME certificates for users Batul and Shabbir.
We will then add Batul and Shabbir's certificate along with the CA certificate to their email clients. Then we will send encrypted mail.
Batul's Machine: On Batul's machine, perform the following steps.
1) Install package
[batul@server3 ~]$ sudo yum -y install openssl
2) Create S/MIME Certificate for Batul's email-id. Follow the following steps:
2.1) Create local CA. The CA certificate file '/etc/pki/CA/cacert.pem' will be added to Batul and Shabbir's email client.
[root@server3 ~]# /etc/pki/tls/misc/CA -newca
2.2) Create public-private key pair
[root@server3 ~]# openssl genrsa -out batul.key
2.3) Create a certificate signing request (CSR) for Batul's email address.
[root@server3 ~]# openssl req -new -key batul.key -out batul.csr
Country Name (2 letter code) [XX]:inState or Province Name (full name) []:maharashtra
Locality Name (eg, city) [Default City]:mumbai
Organization Name (eg, company) [Default Company Ltd]:my company ltd
Organizational Unit Name (eg, section) []:it
Common Name (eg, your name or your server's hostname) []:batul@mycompany.com
Email Address []:batul@mycompany.com
2.4) Sign the Certificate.
[root@server3 ~]# openssl ca -in batul.csr -out batul.crt
2.5) Create pkcs12 format file. The pkcs12 file combines the Certificate and key file into one file.
[root@server3 ~]# openssl pkcs12 -export -inkey batul.key -in batul.crt -out batul.pkcs12
Enter Export Password:
Verifying - Enter Export Password:
Batul's certificate files: batul.pkcs12, batul.crt
3) Create S/MIME Certificate for Shabbir's email-id. Follow the following steps:
3.1) Create public-private key pair
[root@server3 ~]# openssl genrsa -out shabbir.key
3.2) Create a certificate signing request (CSR) for Shabbir's email address.
[root@server3 ~]# openssl req -new -key shabbir.key -out shabbir.csr
Country Name (2 letter code) [XX]:inState or Province Name (full name) []:maharashtra
Locality Name (eg, city) [Default City]:mumbai
Organization Name (eg, company) [Default Company Ltd]:my company ltd
Organizational Unit Name (eg, section) []:it
Common Name (eg, your name or your server's hostname) []:shabbir@mycompany.com
Email Address []:shabbir@mycompany.com
3.3) Sign the Certificate.
[root@server3 ~]# openssl ca -in shabbir.csr -out shabbir.crt
3.4) Create pkcs12 format file. The pkcs12 file combines the Certificate and key file into one file.
[root@server3 ~]# openssl pkcs12 -export -inkey shabbir.key -in shabbir.crt -out shabbir.pkcs12
Enter Export Password:
Verifying - Enter Export Password:
Shabbir's certificate files: shabbir.pkcs12, shabbir.crt
4) Add Batul's Email Certificate, Shabbir's email certificate and C.A. Certificate in Evolution Email Client
Click Applications, click Office, Click Evolution.
In the Evolution main menu, Click Edit, Click Preferences.
In the left tab, click Certificates.
In the tab, Your Certificates, Click Import button.Select the file batul.pkcs12. (created above)
In the tab, Contact Certificates, Click Import button.Select the file shabbir.crt.
In the tab Authorities. Click Import button. Select the CA Certificate file cacert.pem. In the 'Certificate Authority Trust Window' select "Trust this CA to identify email users".
In the left tab, click Mail Accounts.
Select Account Name batul@mycompany.com, click Edit
In the left tab, Click Security.
In the section Secure MIME, for Signing Certificate select Batul's certificate and for Encryption Certificate select Batul's certificate.
Click OK.
5) Give the following files to Batul's friend Shabbir, to configure in his email client. Shabbir's pkcs12 certificate file: shabbir.pkcs12
Batul's certificate file: batul.crt
CA certificate file: cacert.pem
Shabbir's Machine: On Shabbir's machine, perform the following steps.
1) Add Shabbir's pkcs12 Certificate, Batul's Certificate and C.A. Certificate in Evolution Email Client
Click Applications, click Office, Click Evolution.
In the Evolution main menu, Click Edit, Click Preferences.
In the left tab, click Certificates.
In the tab, Your Certificates, Click Import button.Select the file shabbir.pkcs12.
In the tab, Contact Certificates, Click Import button.Select the file batul.crt.
In the tab Authorities. Click Import button. Select the CA Certificate file cacert.pem. In the 'Certificate Authority Trust Window' select "Trust this CA to identify email users".
In the left tab, click Mail Accounts.
Select Account Name shabbir@mycompany.com, click Edit
In the left tab, Click Security.
In the section Secure MIME, for Signing Certificate select Shabbir's certificate and for Encryption Certificate select Shabbir's certificate.
Click OK.
3) Send encrypted mail to Batul.
On the Evolution main screen, click New to Compose a new mail message
In the Compose Message menu, click Options. Click S/MIME Encrypt.
Enter Batul's email id and other email details and click Send to send the message.
The encrypted message has been sent. Batul's email client will decrypt the mail using her private key.
4) To sign the message Click S/MIME Sign in the Options menu item in the Compose Message window
SSN FULLZ AVAILABLE
ReplyDeleteFresh & valid spammed USA SSN+Dob Leads with DL available in bulk.
>>1$ each SSN+DOB
>>3$ each with SSN+DOB+DL
>>5$ each for premium fullz (700+ credit score with replacement guarantee)
Prices are negotiable in bulk order
Serious buyer contact me no time wasters please
Bulk order will be preferable
CONTACT
Telegram > @leadsupplier
ICQ > 752822040
Email > leads.sellers1212@gmail.com
OTHER STUFF YOU CAN GET
SSN+DOB Fullz
CC's with CVV's (vbv & non-vbv)
USA Photo ID'S (Front & back)
All type of tutorials available
(Carding, spamming, hacking, scam page, Cash outs, dumps cash outs)
SQL Injector
Premium Accounts (Netflix, Pornhub, etc)
Paypal Logins
Bitcoin Cracker
SMTP Linux Root
DUMPS with pins track 1 and 2
WU & Bank transfers
Socks, rdp's, vpn
Php mailer
Server I.P's
HQ Emails with passwords
All types of tools & tutorials.. & much more
Looking for long term business
For trust full vendor, feel free to contact
CONTACT
Telegram > @leadsupplier
ICQ > 752822040
Email > leads.sellers1212@gmail.com