Estimated Time:less than a minute

Encrypt & Sign Mails offers validated certificates with a network of trusted people. That's fun !

Get a certificate (eg:

The key pair can then be extracted in p12 format from Firefox and it is possible to transform it to rsa format:

openssl pkcs12 -in ~/Downloads/cacert.p12 -out /home/$USER/.ssh/id_rsa_cacert

Installing neomutt from source on Ubuntu 18.04

sudo apt install libncursesw5-dev
sudo apt install libidn11-dev
git clone
cd neomutt
sudo make install

Loading the key into mutt

It is necessary to setup and use smime_key command to manage keys. It will generate a KeyID for the certificate (something like xxxxxx.0)

cp /home/$USER/git/neomutt/contrib/smime.rc ~/.smime.rc
/usr/libexec/neomutt/smime_keys init
mkdir -p ~/.smime/certificates
touch ~/.smime/certificates/.index
mkdir -p ~/.smime/keys
touch ~/.smime/keys/.index
/usr/libexec/neomutt/smime_keys add_p12 ~/Download/cacert.p12
/usr/libexec/neomutt/smime_keys refresh

Send a signed mail

After having written the mail in neomutt type shift-S and choose the s to sign the mail. It will choose the KeyID by default, and ask for the key password if exists.

Loading a public key

Right now, I don't know

Encrypt a mail

Choose e for encryption, and then enter to list the existing public keys.

This page was last modified: