With the release of Snow Leopard, GPGMail is no longer functional. GPGMail has been a commonly-used application for encrypting and signing emails. After some research, I found the developer of the application has stated he will not be releasing an update to make the application compatible with Mail.app in Snow Leopard. This is because the application was using an undocumented/unsupported feature in Mail.app, and Apple has discontinued the protocols that where being used by GPGMail.
This left me to look into new methods of signing and securing emails with out spending money on a commercial application like PGP. The following provides directions for using thawte to achieve email encryption and signing. By default, thawte stores your private keys on their system, which is all fine and good, but personally, I do not want anyone having copies of my private keys --that is, after all, why they are called private keys. The downfall of my method, of course, is that you want to make sure you do not lose your key pair!
Note: These directions require use of the command line. If you are not comfortable with the command line, then do not attempt this process.
[robg adds: Read on for the solution; in researching this hint, I found this email discussion stating that someone's working on a Python port of GPGMail, and that beta testing may open soon, for those interested.]
The following commands are run in Terminal, unless otherwise noted.
$ openssl genrsa -des3 -out mail.key 1024
Generating RSA private key, 1024 bit long modulus
Enter pass phrase for mail.key: [this is your secret pass phrase]
Verifying - Enter pass phrase for mail.key: [this is your secret pass phrase]
$$ openssl req -new -key mail.key -out mail.csr
Enter pass phrase for mail.key:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:US
State or Province Name (full name) [Some-State]:Florida
Locality Name (eg, city) []:Key Largo
Organization Name (eg, company) [Internet Widgits Pty Ltd]:TCH Enterprises
Organizational Unit Name (eg, section) []:EMAIL
Common Name (eg, YOUR name) []:paste_your_certificate_here
Email Address []:your_email@domain.com
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
$ -----BEGIN PKCS7-----
insert the contents of your fetched key file. YOU ONLY WANT THE CONTENT LOCATED IN THE PKCS7
section of the document which is located between "-----BEGIN PKCS #7 SIGNED DATA-----" and "-----END
PKCS #7 SIGNED DATA----. Remove any blank lines in the base64 code.
-----END PKCS7----- -----BEGIN PKCS7-----
MIIJmQYJKoZIhvcNAQcCoIIJijCCCYYCAQExADALBgkqhkiG9w0BBwGgggluMIIC
9jCCAl+gAwIB
AgIDDB8KMA0GCSqGSIb3DQEBBAUAMGIxCzAJBgNVBAYTAlpBMSU
wIwYDVQQKExxUaGF3dGUgQ29u
(about 80 lines of this)
TA4MjBaFw0wNTA0MTMxOTA4MjBaMGoxDjAMBgNVBAQTBUJha2Vy
-----END PKCS7-----$ openssl pkcs12 -export -inkey mail.key -in deliver.certs -out mail.p12
Enter Export Password:
Verifying - Enter Export Password:
$Mac OS X Hints
http://hints.macworld.com/article.php?story=20090914071159766