I have installed an encryption certificate on two computers and have them trusting eachothers certificates, but on one of the computers it can send encrypted emails but when I try to open an encrypted email I get the error message "Your Digital ID name can not be found by the underlying security system" Does anybody know how to fix this error Thanks, Nick
"Nick" wrote in message news:6D00BD1B-8742-42FA-9674-4B61DE637165@microsoft.com... >I have installed an encryption certificate on two computers and have them > trusting eachothers certificates, but on one of the computers it can send > encrypted emails but when I try to open an encrypted email I get the error > message "Your Digital ID name can not be found by the underlying security > system" Does anybody know how to fix this error I've managed a Private Key Infrastructure where I work and I've seen this happen most in two cases. The first is when the sender has an older version of the recipient's public key and the recipient has deleted the expired cert. The sender can encrypt the message but the recipient can't decrypt it because there's no private key anymore. The other case is that the recipient's cert is damaged and the rpivate key is no longer available. You can test for this case easily enough. Click Start>Run, enter "certmgr.msc" in the Open field and click OK. When the certificate manager opens, expand "Personal" and select "Certificates". Select the certificate in the right-hand pane and click Action>All Tasks>Export. When the Certificate Export Wizard opens, click Next. You should see a dialogue containing two radio buttons, one labeled "Yes, export the private key" and the other labeled "No, do not export the private key". If the "Yes" button is grayed out and unselectable, the private key is damaged and the cert will need to be reissued or the PKI's "private key recovery" function used. -- Brian Tillman [MVP-Outlook]
I have had our lead IT guy look for and fix the problems if they were present but the error still shows up when we try to open encrypted emails. "Brian Tillman [MVP - Outlook]" wrote: > "Nick" wrote in message > news:6D00BD1B-8742-42FA-9674-4B61DE637165@microsoft.com... > > >I have installed an encryption certificate on two computers and have them > > trusting eachothers certificates, but on one of the computers it can send > > encrypted emails but when I try to open an encrypted email I get the error > > message "Your Digital ID name can not be found by the underlying security > > system" Does anybody know how to fix this error > > I've managed a Private Key Infrastructure where I work and I've seen this > happen most in two cases. The first is when the sender has an older version > of the recipient's public key and the recipient has deleted the expired cert. > The sender can encrypt the message but the recipient can't decrypt it because > there's no private key anymore. The other case is that the recipient's cert > is damaged and the rpivate key is no longer available. You can test for this > case easily enough. Click Start>Run, enter "certmgr.msc" in the Open field > and click OK. When the certificate manager opens, expand "Personal" and > select "Certificates". Select the certificate in the right-hand pane and > click Action>All Tasks>Export. When the Certificate Export Wizard opens, > click Next. You should see a dialogue containing two radio buttons, one > labeled "Yes, export the private key" and the other labeled "No, do not export > the private key". If the "Yes" button is grayed out and unselectable, the > private key is damaged and the cert will need to be reissued or the PKI's > "private key recovery" function used. > -- > Brian Tillman [MVP-Outlook] > >
"Nick" wrote in message news:7D466AFE-C35D-4245-BD34-9BCCF6FF9779@microsoft.com... >I have had our lead IT guy look for and fix the problems if they were present > but the error still shows up when we try to open encrypted emails. Is the private key in the cert still intact? Have you tried re-exchanging certificates? -- Brian Tillman [MVP-Outlook]
The key is intact and I re-exchanged it but it still errors "Brian Tillman [MVP - Outlook]" wrote: > "Nick" wrote in message > news:7D466AFE-C35D-4245-BD34-9BCCF6FF9779@microsoft.com... > > >I have had our lead IT guy look for and fix the problems if they were present > > but the error still shows up when we try to open encrypted emails. > > Is the private key in the cert still intact? Have you tried re-exchanging > certificates? > -- > Brian Tillman [MVP-Outlook] > >
"Nick" wrote in message news:AFA0BDC1-E34F-473B-9494-BC402568DCF7@microsoft.com... > The key is intact and I re-exchanged it but it still errors Perhaps someone in the microsoft.public.security.crypto newsgroup might have a suggestion. -- Brian Tillman [MVP-Outlook]
