I can't click the lock button - so I can't encrypt mails?
An unclickable lock button in a light grey color can have various reasons.
No secret key for email account used in Mail.app
Have you already created your secret key? If so, please make sure, the email-address in the key perfectly matches the email-address used in Mail.app > Settings > Accounts. Otherwise if you don't have a secret key, you won't be able to encrypt emails. See also: Generate a key.
Your sec/pub key may have expired
In case your own key / subkey has expired, you can update the expiration date.
No public key or expired public key for recipients email-address
Please check
- if you have a key matching the recipients email address (in GPG Keychain)
- if the key isn't disabled or has expired (also do check the subkey tab of the public key in question)
- search the key servers (in GPG Keychain) if there is a public key for the recipients email-address
- update any existing public key for the recipient via right-click to check if there is a newer version of the public key on the key servers
If you have a public key from your friend but the email address they are using now is not included in that key, you can add an email address to an existing public key.