You are here: Office-Outlook.com  / Outlook Forum

Invalid Certificate

Home » General Outlook opportunities » Outlook
Invalid Certificate [message #227228] Mon, 01 October 2007 09:57 Go to next message
Tim B  is currently offline Tim B
Messages: 7
Registered: October 2007
Junior Member
Unable to digitally sign or encrypt my e-mail. I am however able to receive
encrypted e-mails from other parties whose certificates I have.??!!

My certificate is provided by my government ID card via an ActiveCard Reader
using Active Client 6.1 software. Active Client Diagnostics indicates that
Active Client software is loaded and functioning correctly. Checked the
option in Active Client to make Certificates Available to Windows. Downloaded
my certificate in Outlook 2007. Properties show a valid certificate in my
contact properties tab. Verified that certificate shows up as a trusted
certificate in properties tab. My Certificates also are viewable in IE under
Internet Options/Content/Certificates.
Running MS Outlook Pro 2007 and Vista OS with all updates.

Deleted and then reloaded my certificates several times now and triple
checked all the settings in various programs. However still unable to
digitally sign or encrypt my messages and attachments. I get the Warning "
Microsoft Office cannot sign or encrypt this message because your certificate
is not valid.

All this stuff worked fine under MS Office XP Pro 2003 and Win XP Pro prior
to my recent hardware upgrade.

Any suggestions?
--
Tim B
Re: Invalid Certificate [message #227247] Mon, 01 October 2007 10:47 Go to previous messageGo to next message
Brian Tillman  is currently offline Brian Tillman
Messages: 25127
Registered: June 2006
Senior Member
Brian Tillman <tillman1952@yahoo.com> wrote:

> If you click Tools>Options>Security in Outlook, what encryption

I accidentally sent this without finishing my sentence.

If you click Tools>Options>Security in Outlook, what encryption settings do
you have? Describe them all.
--
Brian Tillman [MVP-Outlook]
Re: Invalid Certificate [message #227605] Tue, 02 October 2007 10:03 Go to previous messageGo to next message
Tim B  is currently offline Tim B
Messages: 7
Registered: October 2007
Junior Member
Brian,

Here's an update on my Invalid Certificate Problem.....Success!!!

Here's what I did to force Outlook to recognize my certificate.

1) Try to send digitally signed e-mail
2) When Outlook gives you the Invalid Certificate Advisory: Select Change
Security Settings Option.
3) a. Select Active Card as source (My Certificates Source)
3) b. Manually reload Signature Certificate and under properties select
inherently trust this certificate
3) c. Manually reload Encryption Certificate and under properties select
inherently trust this certificate
4) Close to save settings.

Digital Signature and e-mail encryption now function properly.

--
Tim B


"Tim B" wrote:

> Brian,
>
> Thanks for your reply. I followed your troubleshooting advice. Here's
> the result:
>
> -I tried to send an encrypted msg without signing it. Result was the Invalid
> Certifcate advisory, asking me to change security settings.
>
> -In IE I can select and export each of my three certificate files. However,
> only the lower radio button is available to select.
>
> - Outlook encryption settings are as follows:
>
> - Active Client Certificate
> - S/Mime
> - Next two boxes are checked
> - Signing Certificate Hash Algorithm SHA1
> - Encryption Certificate 3DES
> - Last box is checked
>
> Does this give you any clues?
>
> Just to clarify :
> - The core problem is that outlook doesn't recognize my certificate as
> valid. My CAC card actually provides three certification files; signature,
> encryption and ID. I don't know the nuts and bolts of which file does what...
> I thought it was unusual but significant that I could receive encrypted
> e-mail, but couldn't send any..... Anyway the encryption is a secondary issue
> I suspect.
>
> --
> Tim B
>
>
> "Brian Tillman" wrote:
>
> > Brian Tillman <tillman1952@yahoo.com> wrote:
> >
> > > If you click Tools>Options>Security in Outlook, what encryption
> >
> > I accidentally sent this without finishing my sentence.
> >
> > If you click Tools>Options>Security in Outlook, what encryption settings do
> > you have? Describe them all.
> > --
> > Brian Tillman [MVP-Outlook]
> >
> >
Re: Invalid Certificate [message #227686] Tue, 02 October 2007 11:49 Go to previous messageGo to next message
Brian Tillman  is currently offline Brian Tillman
Messages: 25127
Registered: June 2006
Senior Member
Tim B <TimB@discussions.microsoft.com> wrote:

> -I tried to send an encrypted msg without signing it. Result was the
> Invalid Certifcate advisory, asking me to change security settings.

This should have to do with the cert of the recipient. I really can't say
what might be going on here. I would recommend that you remove the other
person's certificate from your certificate store and ask that person to send
you a new signed message.

> -In IE I can select and export each of my three certificate files.
> However, only the lower radio button is available to select.

If only the lower button is available, then your private key has been
damaged and you will need to speak with your PKI administrator for private
key recovery or remove the damages certificate and reinstall from the backup
you made when you first install it.
--
Brian Tillman [MVP-Outlook]
Re: Invalid Certificate [message #227687] Tue, 02 October 2007 11:49 Go to previous message
Brian Tillman  is currently offline Brian Tillman
Messages: 25127
Registered: June 2006
Senior Member
Tim B <TimB@discussions.microsoft.com> wrote:

> Here's an update on my Invalid Certificate Problem.....Success!!!

Good to know. Thanks.
--
Brian Tillman [MVP-Outlook]
Previous Topic:Get read receipt if not requested?
Next Topic:Journal Viewer
Goto Forum: