Firstly, make sure that OpenPGP Applet has been uploaded and installed into javacard, and you can select the applet successfully. Insert javacard into smartcard reader.
There are two method to generate key.
In the "Enigmail Key Management" window, select File-> Manage SmartCard, Enigmail will connect the card automatically and try to select OpenPGP applet.
If successful, "OpenPGP SmartCard Details" dialog box will pop up. You can select Smartcard -> Edit Card Data to modify card information. Then select SmartCard -> Generate Key to generate key.
In "Generate OpenPGP Key" dialog box, select the mail account that you want to protect. Set the passphrase and the key expiration date. Then click Generate Key button.
Using this method, it will be failed to generate key sometimes.
So we can use the second method to do this.
Use console command to generate key. The following console command operations show how to generate key via this method:
The mainly used console command are: gpg --card-status, admin and generate.
- 1. In the process of generating new key, you can follow the prompts to enter the admin PIN, the passphrase and the key expiration date, and so on.
- 2. You can use "help" to get all the commands in current status.such as in "Admin commands are allowed" status, the help command will displays the following commands
Code: Select all
Admin commands are allowed
quit quit this menu
admin show admin commands
help show this help
list list all available data
name change card holder's name
url change URL to retrieve key
fetch fetch the key specified in the card URL
login change the login name
lang change the language preferences
sex change card holder's sex
cafpr change a CA fingerprint
forcesig toggle the signature force PIN flag
generate generate new keys
passwd menu to change or unblock the PIN
verify verify the PIN and list all data
unblock unblock the PIN using a Reset Code
After the key is generated successfully, you can use "verify" command to verify the PIN and list all data.
1.Select Enigmail->Preferences to open the Enigmail Preferences dialog, and configure the option as following figure:
2. Select Options-> Account Settings... to open Account Setting dialog, and configure the option as following figure:
Then messages you send or receive will be encrypted and decrypted by the key your selected in above figure.
If Enigmail doesn't find the java card, it will give the prompt to insert the card.
Otherwise, you will not be able to send mail or can not view the e-mail content.