I can't click the lock button - so I can't encrypt mails?
An unclickable lock button in a light grey color can have various reasons.
No secret key for email account used in Mail.app
Have you already created your secret key? If so, please make sure, the email-address in the key perfectly matches the email-address used in Mail.app > Settings > Accounts. Otherwise if you don't have a secret key, you won't be able to encrypt emails. See also: Generate a key.
Your sec/pub key may have expired
In case your own key / subkey has expired, you can update the expiration date.
No public key or expired public key for recipients email-address
- if you have a key matching the recipients email address (in GPG Keychain)
- if the key isn't disabled or has expired (also do check the subkey tab of the public key in question)
- search the key servers (in GPG Keychain) if there is a public key for the recipients email-address
- update any existing public key for the recipient via right-click to check if there is a newer version of the public key on the key servers
If you have a public key from your friend but the email address they are using now is not included in that key, you can add an email address to an existing public key.
GPG Mail FAQ
GPG Keychain FAQ
GPG Services FAQ