Ask a Question

Solution ID : SO28633

Last Modified : 06/20/2018

How to confirm that a signed message correctly added a certificate to an Outlook contact

Problem

You are unable to send encrypted emails to an intended recipient.

Error Message

Microsoft Outlook had problems encrypting this message because the following recipients had missing or invalid certificates, or conflicting or unsupported encryption capabilities: [email address or recipient]  Continue will encrypt and send the message but the listed recipients may not be able to read it.

Cause

  1. A signed email has not be received from the intended recipient of the encrypted message.
  2. The certificate that accompanies a signed email has not been correctly associated with a contact for the intended recipient of the encrypted email.

Solution

In order to send an encrypted email to someone Outlook requires that a valid Certificate be associated with the contact who is the intended recipient of the encrypted message.  A signed email is the best method of distributing this certificate to those that wish to send you encrypted messages.  In order to exchange encrypted messages, both parties must have a signing and encryption certificate.  In the case of Class 1 Digital ID Certificates for Secure Email, this is the same certificate.  In this instance, a digital signature on an email, a certificate, and a public key are all essentially the same thing.  This, however, is not always true outside of this instance.

To ensure that a certificate has been associated with a contact in Outlook, follow these steps:

  1. In Outlook, open contacts by clicking on People, or the people icon in the bottom left hand corner of Outlook.

  2. In the Current View section of the Ribbon, locate and click on the List option.  This will change the view to a list of contacts.  You will not be able to see certificates for a contact if you are not in List view.

  3. Locate the contact for the person you want to send encrypted emails to and double click on it to open it.

  4. In the Show section of the Ribbon click on Certificates to view the certificates associated with that contact.

If there are no certificates displayed, have the person associated with that contact send a signed email, then check again.  If a certificate still does not show up, create a contact from their signed email by following the steps below.

  1. Request a signed email from the person whom you want to send encrypted emails to.

  2. Double click on their name on the signed email you received.

  3. In the pop up window, click Add in the right hand side of the window

  4. Change or alter any information you like and click Save.

  5. Follow the steps above to ensure that there is a certificate associated with that contact.

Now that you have created a contact, when attempting to send an encrypted email to that contact, you MUST click the To... button in the New Message window and select their contact from your address book.  If you do not, Outlook will send the email to the contact that does not have the certificate associated with it.