Hi,

currently we are deploying a user certificate that comes from our internal PKI, on macOS devices. Since the update in macOS 12, the email client automatically takes this certificate (which is used for another service), to sign and encrypt emails.

However, since this is an internal PKI, the client cannot go back to the rootCA from the outside (the CRLs are not public).

there is a WS1 solution to deactivate the mail encryption of the native mail client on macOS 12?

thanks in advance,