Hi everyone,

I have been facing a weird problem with some verisign certificates in
outlook 2003. The problem goes like this. I configure a certificate which is
able to sign and ecncrypt e-mail. I´m able to sign mail with this
certificate. The receiving party is able to read the signed mail and even
able to reply with an encrypted mail to te original sender. However, once
the original sender receives the encrypted mail Outlook displays an error
indicating that the underlying criptography platform is unable to find the
name of the digintal ID (the error is not exactly that 'cause I'm
translating it from other languague but it goes about very simmilar to that)
Does anyone have a clue of why this might be happening?

Thanks in advance.

"mmblanco5" wrote in message
...

I have been facing a weird problem with some verisign certificates in
outlook 2003. The problem goes like this. I configure a certificate which
is able to sign and ecncrypt e-mail. I´m able to sign mail with this
certificate. The receiving party is able to read the signed mail and even
able to reply with an encrypted mail to te original sender. However, once
the original sender receives the encrypted mail Outlook displays an error
indicating that the underlying criptography platform is unable to find the
name of the digintal ID (the error is not exactly that 'cause I'm
translating it from other languague but it goes about very simmilar to
that)
Does anyone have a clue of why this might be happening?

Describe the settings you have on ToolsOptionsSecurity and on the Settings
dialogue available from there. In Internet Explorer, click ToolsInternet
OptionsContentCertificates, does you r cert show in the "Personal" tab?
If so, select and click Export, then Next. Do you see two radio buttons,
one labeled "Yes, export the private key" and the other "No, do not export
the private key" and is the Yes button selectable?
--
Brian Tillman [MVP-Outlook]

In the Options dialog I selected S/MIME settings for the user. I have
selected the personal certificate for sign and encryption purposes signing
with SHA1 method and encrypting with 3DES method.
I hav also checked the settings from Internet Explorer you suggested and
YES, I'm able to export the certificate private key.

Thanks in advance

"Brian Tillman [MVP - Outlook]" wrote in message
...
"mmblanco5" wrote in message
...

I have been facing a weird problem with some verisign certificates in
outlook 2003. The problem goes like this. I configure a certificate which
is able to sign and ecncrypt e-mail. I´m able to sign mail with this
certificate. The receiving party is able to read the signed mail and even
able to reply with an encrypted mail to te original sender. However, once
the original sender receives the encrypted mail Outlook displays an error
indicating that the underlying criptography platform is unable to find
the name of the digintal ID (the error is not exactly that 'cause I'm
translating it from other languague but it goes about very simmilar to
that)
Does anyone have a clue of why this might be happening?

Describe the settings you have on ToolsOptionsSecurity and on the
Settings dialogue available from there. In Internet Explorer, click
ToolsInternet OptionsContentCertificates, does you r cert show in the
"Personal" tab? If so, select and click Export, then Next. Do you see two
radio buttons, one labeled "Yes, export the private key" and the other
"No, do not export the private key" and is the Yes button selectable?
--
Brian Tillman [MVP-Outlook]

"mmblanco5" wrote in message
...

In the Options dialog I selected S/MIME settings for the user. I have
selected the personal certificate for sign and encryption purposes signing
with SHA1 method and encrypting with 3DES method.
I hav also checked the settings from Internet Explorer you suggested and
YES, I'm able to export the certificate private key.

Then it looks to me like the recipient replying with his or her own
encrypted message may have an invalid certificate for you. What I would
suggest is that you ask your recipient to remove your Contact record from
the Contacts folder, your address from the autocompletion cache, and your
existing certificate from their "Other People" certificate store. Then you
should send a new signed message and they should right-click your address on
that message and choose Add to Contacts. This should reload your public key
into their certificate store. Have them try to send you another encrypted
message after that.
--
Brian Tillman [MVP-Outlook]