Cannot open encrypted email in Outlook 2007. Error: "Cannot open this item. Your Digital ID name cannot be found by the underlying security system."


Well, I found the answer to this problem here.

It seems you need to send a signed email to your own account, then add yourself as a contact in your Outlook client, just as you would for any other person you are exchanging public keys with. Thanks to IRML2 for solving this for me - I can go back to getting real work done now!



Author: fourleggedfish

Updated on September 18, 2022

Comments

  • fourleggedfish, over 1 year

    This problem occurred after a user's computer was replaced. He reapplied for a new personal certificate from the CA, which is our SBS2003 server. Ever since, he cannot decrypt emails we send him.

    Here's what I've done so far.

    • I've deleted the user's certificate from the contact info in my Outlook.
    • The certificate was removed from the cert store on my computer, both by removing it from the "Other People" container in certmgr.msc and also by removing it from IE (tried both methods).
    • I've had him delete his personal certificate from the cert store on his machine.
    • I've gone into ADUC and removed the certificate from AD (user, properties, Published Certificates tab).
    • I've gone into the CA on SBS 2003 and actually revoked all certs ever issued to this user.
    • After removing any traces of any certificates, I had him apply for a new certificate. I had him ensure that the cert was selected under "Certificates and Algorithms" in Outlook's Trust Center. I had him publish it to the GAL. I ensured that the hashing algorithms matched those set on my computer. He sent me a signed email. I added it to his contact information in Outlook.
    • I sent him an encrypted email. He couldn't open it. The error listed in the title reappeared.

    I have checked the properties of his certificate on my computer, his computer, the one in AD and the one listed in the CA, and all are the same. They all have the same serial number, the same fingerprint, etc. His email address in the cert is the same email address I'm sending to. He can send himself an encrypted and signed email and decrypt it. I can decrypt encrypted emails from him.

    I've spent most of the day today trying to figure out what the heck is going on here. I've tried about everything I could find online, but nothing has worked.

    I've even exported the cert from his pc and imported it on my pc and no luck.

    A number of people have pointed others to this Microsoft KB article. I've tried resolutions 1, 3 and 4 to no avail (not surprising as it's related to Outlook 2000).

    I've exhausted all possibilities that I can think of. What do you all think?

    Is there another place on SBS or on a PC that is storing certificate data that I need to delete? It seems as if I am using the proper public key to encrypt the mail, but maybe I'm missing something super simple.

  • fourleggedfish, about 12 years
    I've run into this problem again after the CA certificate expired. After deleting my contact in Outlook, deleting my cert in certmgr and removing it from Active Directory, then generating a new cert from the CA and re-adding myself as a contact, I would get the same error. It turned out that Cached Exchange Mode in Outlook was the culprit. After turning off Cached Exchange Mode, I could again send/receive encrypted emails. Once it was working, I turned cached mode back on and all is still working.
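The manual comparison the question walks through (serial number, fingerprint, email address in the cert, private key on the recipient's machine, copy published to AD) can be scripted. The following is an added example, not code from the thread; it assumes a domain-joined Windows machine with the ActiveDirectory PowerShell module, run as the recipient user, and the account name is a parameter you supply.

```powershell
# Added diagnostic (not from the original thread). Assumes a domain-joined box
# with the ActiveDirectory module, run in the recipient's own user context.
# Compares the S/MIME certificates the user can actually decrypt with (private
# key present in CurrentUser\My, Secure Email EKU, not expired) against the
# certificates published on the AD user object, which is where GAL-based
# senders pick up the public key they encrypt to.
param(
    [string]$SamAccountName = $env:USERNAME   # assumption: the recipient's account
)

$SecureEmailOid = '1.3.6.1.5.5.7.3.4'   # id-kp-emailProtection

# 1. Certificates Outlook could use to decrypt on this machine.
$local = Get-ChildItem Cert:\CurrentUser\My | Where-Object {
    $_.HasPrivateKey -and
    $_.NotAfter -gt (Get-Date) -and
    ($_.EnhancedKeyUsageList | Where-Object ObjectId -eq $SecureEmailOid)
}
if (-not $local) {
    Write-Warning 'No valid S/MIME certificate with a private key in CurrentUser\My.'
}
$localThumbs = @($local | Select-Object -ExpandProperty Thumbprint)

# 2. Certificates published to AD (userCertificate attribute).
Import-Module ActiveDirectory
$user = Get-ADUser -Identity $SamAccountName -Properties userCertificate, mail
$published = foreach ($raw in $user.userCertificate) {
    [System.Security.Cryptography.X509Certificates.X509Certificate2]::new([byte[]]$raw)
}

# 3. Any published cert whose thumbprint has no private key locally is a stale
#    public key: mail encrypted to it cannot be opened by this user.
foreach ($cert in $published) {
    $sanExt = $cert.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.17' }
    $san = if ($sanExt) { $sanExt.Format($false) } else { '' }
    $mailOk = if ($user.mail) { $san -match [regex]::Escape($user.mail) } else { $false }
    [pscustomobject]@{
        Thumbprint    = $cert.Thumbprint
        Serial        = $cert.SerialNumber
        Issuer        = $cert.Issuer
        NotAfter      = $cert.NotAfter
        SAN           = $san
        MatchesADMail = $mailOk
        State         = if ($localThumbs -contains $cert.Thumbprint) { 'OK' } else { 'STALE: no private key locally' }
    }
}
```

Run it on the recipient's machine after re-enrolling; any row marked STALE is a public key still being handed to senders that the recipient can no longer decrypt, and should be removed from the AD object (and from senders' cached contacts) before testing again.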