LatestVersion: Stable: 0.50a | Beta: 0.50b
 Deutsch English Franšais Hebrew Chinese Traditional Spanish Italian Polish Lithuanian Estonian Danish Swedish Dutch (Netherlands) Portuguese (Brazil) Czech Portuguese - Portuga Russian Catalan Turkish Finnish Romanian Greek Serbian Chinese Simplified 




Get eMule at SourceForge.net. Fast, secure and Free Open Source software downloads


Cuddle eMule
Setting Up Notification Encryption HelpNAV

This entry is a user-made guide and not verified by any eMule developer, but is still a helpfull addition for most users. You you can find questions and comments on this topic in a dedicated thread on our forum.



Ive spent "sometime" figuring out how to actually get the notification encryption to work and i finally got it few days ago. I thought i share my finding here...

This "guide" will show how to setup self-signed certificate and use it to encrypt notification emails. Also ill be showing how to read these encrypted emails with Thunderbird. Note that im using Windows XP Professional.

Im assuming that you already got the email notification configured and working without the encryption.

First thing you need is to get a program that creates self-signed certificates. I used sylikc.NET Self-Signed Certificate (url below). Ill be using this tool as its has GUI etc. but theres intructions, along with the program download, in the page how to do the same thing with OpenSSL.

http://secure.sylikc.net:8080/self_signed/index.old.php#sscc

Install/extract the program and make sure you have .NET installed, you probably notice if you dont have it installed. Start the program. For me at least it shows a "warning" window telling me that im running this program standalone etc., just click OK.

You should see now two windows and on the right theres buttons for "simple mode" and "advanced mode". Pick the "advanced mode".

Now on the left window we'll start filling up the nessary information starting with the CA password. This is up to you but you have to remember these password(s) because you need them later on. However, to keep it simple, i picked one password for all the fields. Yes, not exactly secure but works fine for testing purposes. smile.gif

Next is the country name (code), put whatever you want here. I dont think theres any real use for this in our case. Also the state or province name seems to be non-important as well but its required so put whatever you want there as well.

The organization name has some use as at least Thunderbird lists all the certificates by using these so pick something that starts with the letter A or a number so that its high above in the list so you dont have to go through the whole list of certificate authors. Use something like "Absolutely Nothing" or whatever.

Common name needs to be something different from our "self-signed certificate" name so lets use something simple like "Emule CA"(without the quotes). Use that for now. Once you get things working you can do this all over again and pick whatever you want but for now lets use that.

Now you should have all the required "Certificate Authority(CA)" fields filled, next is the "Your Self-Signed Certificate". Press the "Use same input as above" button on the so that we can add different information for the fields below. eg. the button should be in the "off" position or not pressed.

Cert Password, same as before, pick something you can remember or for testing use same password that you used for "CA password". Only required field besides the password is the common name, for now use "Emule SSC" (without the quotes). Keep the other fields empty in this section.

In the Export Settings pick a password for this one, for now just use the same password as for all the other password fields. Set the PKCS file name to "emulecert.p12" and save it to the directory where you extracted/installed the program. Number of years before certificate expires can be whatever you want, i used the maximum, 10 years. For Certificate name use something like "Emule Cert" or "Emule Encryption Cert", whatever.

Note that you can save the settings to a file so you can do this again easily later on. Only thing that will be erased are the passwords. Now press GO button. You should now have the "emulecert.p12" created along with the "ca_cert.crt" file, you need to keep these two safe. eg. copy these two files somewhere.

You have now created a self-signed certificate, next thing is to install it to the computer that is running Emule and then test it. To do this, get the .p12 file to the computer that has the Emule and copy the .p12 file to that computer. To install the certificate, right click (double clicking should work also) on the file and pick "Install PFX".

If for some reason you dont have this option visible, go to your start menu and choose "Run". Now type "certmgr.msc" (without the quotes). You should now see the "Certificates" window. Next select one of the certificate categories from the left side, for example the "personal" and then right click on it (or press the action button above), then select All Task and Import. Press next and then browse the "emulecert.p12" file and select it. You need to now type in the "private key" password. Make sure you check the "Mark this key as exportable" option, just in case.

In the "Certification Store" window, select the "Place all certificates in the following store". Find and select the "Other people". Note that for some reason i initially didnt have this option visible, no idea how i got it there. Anyways, just press next and then finish. The certificate is now installed to the "addressbook", in other words the "other people", store.

To make sure that the certification is really installed, close the "Certificates" window and restart it (Start menu->Run->"certmgr.msc"). Find the "other people" store and select certificates. You should see "Emule CA" and "Emule SSC" certificates.

Now all you need is to edit the Emule preferences.ini file in the "Emule\config\" directory and add/edit the "NotifierMailEncryptCertName=Emule SSC" (w/o quotes) line below the [Emule] tag. You have to restart the Emule before this works. To test this, start Emule and pick the "verbose" (below next to the log tab). If you dont have this, turn it on from Options->Extended->"Verbose". When you get that working, go to Options->Notifications and press the Test button. You should now see some information shown in the verbose display. If the text isnt red, then i think you are doing ok. If theres no warnings or anything, you should now have the encryption working.

Next thing is to configure Thunderbird so that you can read/decrypt the messages. Note that email subject line are never encrypted.

Start Thunderbird and go to Options->Privacy->Security->"View Certificates. First you have to import certificate to the "Authorities" or else it wont work. So select "Authorities" and press "Import" button. Now you need the "ca_cert.crt" file that we copied earlier along with the .p12 file. Find and select the .crt file. You should now have "Downloading Certificate" window. Check the "Trust this CA to identify email users" and press OK. You should now see the certificate added to the list, look for the organization name you gave for the certificate.

Next select the "Your Certificates" and click "Import". Now find and select the "emulecert.p12" file we created. It will ask for a password. I think this is a password that it asks when you first time try to import certificate so im not exactly sure. However, you can change the password from Options->Privacy->Security->"Security Devices" and select the "Software Security Device". If you manage to enter all the passwords correctly you should now have the decryption working. After the "Software Security" password, it asks for the certificate password and its done. You SHOULD be able to read the encrypted emails now.

For Outlook people, perhaps there useful info here...
http://secure.sylikc.net:8080/self_signed/outlook.php?SSCC

Sources:
http://kb.mozillazine.org/Installing_an_SMIME_certificate
http://redirect.sylikc.net:8080/

The sylikc page seems to be down at the moment...

Translate this page Last Update: 18.01.2007 16:09
The GUI
The Preferences
FAQ
General Information
Ports, Firewalls & Router
Servers
Features
Troubleshooting
User Made Guides and FAQs
 
  Getting And Keeping Reliable Server List And Ipfilter
How To Recover Corrupt Downloads
How To Get A Reliable Server List & A Good Ipfilter
Setting Up Notification Encryption
Internet Worm Protection
Open/close Emule, At A Specified Time
Do You Want To Recover The List Of Servers?
Firewalled On Kad No More!
How To Avoid Fake Files
Emule And Internet Connection Sharing
Discover Fake Files Using Webservices And Preview
Ipfilter.dat And Guarding.p2p
How To Save "corrupt" Downloads!
Emule Tells Me I Have A Low-id!
Important Links Associated With Emule!
A4af - What Does It Mean?
Ed2k Links Are Not Added To Emule!
I Need A New Server.met File!
Why Is Emule Trying To Send An E-mail?
How To Clear Emule's Search History!
How To Install Or Update Your Emule!
Emule On Linux With Wine Mini-howto
Why Are My Downloads So Slow. (7/22/03)
Emule Options To Lower Cpu/resources. (7/25/03)
How To Filter Ips With Emule
Problematic Software List
  Beginner's Guide
Network Guide