I have installed an encryption certificate on two computers and have them
trusting eachothers certificates, but on one of the computers it can send
encrypted emails but when I try to open an encrypted email I get the error
message "Your Digital ID name can not be found by the underlying security
system" Does anybody know how to fix this error

Thanks,

Nick

"Nick" wrote in message
...

I have installed an encryption certificate on two computers and have them
trusting eachothers certificates, but on one of the computers it can send
encrypted emails but when I try to open an encrypted email I get the error
message "Your Digital ID name can not be found by the underlying security
system" Does anybody know how to fix this error

I've managed a Private Key Infrastructure where I work and I've seen this
happen most in two cases. The first is when the sender has an older version
of the recipient's public key and the recipient has deleted the expired cert.
The sender can encrypt the message but the recipient can't decrypt it because
there's no private key anymore. The other case is that the recipient's cert
is damaged and the rpivate key is no longer available. You can test for this
case easily enough. Click StartRun, enter "certmgr.msc" in the Open field
and click OK. When the certificate manager opens, expand "Personal" and
select "Certificates". Select the certificate in the right-hand pane and
click ActionAll TasksExport. When the Certificate Export Wizard opens,
click Next. You should see a dialogue containing two radio buttons, one
labeled "Yes, export the private key" and the other labeled "No, do not export
the private key". If the "Yes" button is grayed out and unselectable, the
private key is damaged and the cert will need to be reissued or the PKI's
"private key recovery" function used.
--
Brian Tillman [MVP-Outlook]

I have had our lead IT guy look for and fix the problems if they were present
but the error still shows up when we try to open encrypted emails.

"Brian Tillman [MVP - Outlook]" wrote:

"Nick" wrote in message
...

I have installed an encryption certificate on two computers and have them
trusting eachothers certificates, but on one of the computers it can send
encrypted emails but when I try to open an encrypted email I get the error
message "Your Digital ID name can not be found by the underlying security
system" Does anybody know how to fix this error

I've managed a Private Key Infrastructure where I work and I've seen this
happen most in two cases. The first is when the sender has an older version
of the recipient's public key and the recipient has deleted the expired cert.
The sender can encrypt the message but the recipient can't decrypt it because
there's no private key anymore. The other case is that the recipient's cert
is damaged and the rpivate key is no longer available. You can test for this
case easily enough. Click StartRun, enter "certmgr.msc" in the Open field
and click OK. When the certificate manager opens, expand "Personal" and
select "Certificates". Select the certificate in the right-hand pane and
click ActionAll TasksExport. When the Certificate Export Wizard opens,
click Next. You should see a dialogue containing two radio buttons, one
labeled "Yes, export the private key" and the other labeled "No, do not export
the private key". If the "Yes" button is grayed out and unselectable, the
private key is damaged and the cert will need to be reissued or the PKI's
"private key recovery" function used.
--
Brian Tillman [MVP-Outlook]

"Nick" wrote in message
...

I have had our lead IT guy look for and fix the problems if they were present
but the error still shows up when we try to open encrypted emails.

Is the private key in the cert still intact? Have you tried re-exchanging
certificates?
--
Brian Tillman [MVP-Outlook]

The key is intact and I re-exchanged it but it still errors

"Brian Tillman [MVP - Outlook]" wrote:

"Nick" wrote in message
...

I have had our lead IT guy look for and fix the problems if they were present
but the error still shows up when we try to open encrypted emails.

Is the private key in the cert still intact? Have you tried re-exchanging
certificates?
--
Brian Tillman [MVP-Outlook]

"Nick" wrote in message
...

The key is intact and I re-exchanged it but it still errors

Perhaps someone in the microsoft.public.security.crypto newsgroup might have a
suggestion.
--
Brian Tillman [MVP-Outlook]