question

AndreiShenets avatar image
0 Votes"
AndreiShenets asked 30459203 commented

Outlook cannot pick proper signing and encrypting certificate

Hi All,



I have both personal Outlook 365 subscription and Outlook 2019 from my company. I have two office 365 email accounts on different domains added to outlook. Both accounts have different signature certificates. One is signed with self signed CA certificate of my organization and one is from Global Sign.



This setup works for some time for signing/ecrypting emails but from time to time I caught following or similar errors when answered to encrypted emails:


79449-screenshot-2021-03-18-114941.png


79521-screenshot-2021-03-18-130654.png


Our internal IT-Support found that it is because outlook cannot pick proper certificate. I was suggested to set following registry flag to suppress check for certificate.



[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Security]

"SupressNameChecks"=dword:00000001



But that resulted to issue that outlook uses the same certificate for both account that is not correct for the second account. Moreover Outlook does not allow to change certificate that should be used and complains that certificate cannot be found.



When I removed the flag previous behavior was not restored and Outlook continues to complaint that it cannot find certificate.



Please help me to solve this certificate issue as our IT support cannot find a solution.


office-outlook-itpro
· 7
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi @AndreiShenets,

Welcome to our forum.

Have you tried to completely remove all the existed certificates you have in your windows, try creating and using a new Outlook profile via Control Panel > Mail > Show profile and re-add your certificates to see if the issue has any difference there?

By the way, is this encrypt issue a long-existed issue or only happen recently? In order to avoid version-related issue, please make sure you have upgraded your Outlook to the latest version.

Any update, please feel free to post back.

0 Votes 0 ·

Hi Jeff,

I tried deleting of profile after your comment and that did not help.

I definitely had initial issue with certificates on Outlook 2016. Now I have it on Outlook 2019 and Outlook 365. Both have latest updates installed.

Within initial issue I was getting both message but only when replying to encrypted emails.

0 Votes 0 ·

Hi @AndreiShenets,
Thanks for your reply.
I am still working on this issue. If I got any further updates, I would post back here as soon as possible.
Grateful to your understanding and patience.

0 Votes 0 ·
Show more comments

Hi All. Any news?

0 Votes 0 ·
JeffYang-MSFT avatar image
0 Votes"
JeffYang-MSFT answered JeffYang-MSFT edited

Hi @AndreiShenets,

Sorry for my delay, I'm going to share some of my updates about your issue here. I tried the same tests in my Outlook 2019 client, create a new Outlook profile, add two different email accounts along with different signature certificates. Tried sending encrypted emails tests, can send out normally without any issues. Tried replying to encrypted emails tests, both via manually choose certificates and automatically choose certificates can all work fine, have not been able to reproduced your issue yet.
84492-image.png

In order to further confirm your issue, I would suggest you to try creating and using a new Outlook profile via Control Panel > Mail > Show profile and only add one email account and certificate to check if both these email accounts and certificates can work fine independently.

By the way, considering that you have tried the same tests in different Outlook versions, does this issue happen to all the users in your organization? Or only some specific users have this issue? If all the users in your organization do have the same issue, global settings like GPO and others might cause issues like this, maybe it is also worth to check.


If an Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


image.png (26.9 KiB)
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

AndreiShenets avatar image
0 Votes"
AndreiShenets answered AndreiShenets commented

Hi @JeffYang-MSFT ,

Yes I am still able to reproduce the issue. I have tried creating of new profiles and it doesn't help.

You might be able to reproduce it in following way:

  1. Create an email with Test title and Test body to someone who can receive encrypted emails from you

  2. Enable encryption and signing for the email

  3. Save the email and close popup window

  4. Open the email and try to send it.

I am constantly getting the message:
84378-image.png

I guess it shows because of the same reason.

I am able to reproduce the issue using steps above on other PCs but if you are not saving an email but just send then it works for other PCs. Some people doesn't have the issue at all.



image.png (7.9 KiB)
· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

According to your description, the issue could be reproduced on other PCs, it may also be related to your certificate, did it occur on this specific certificate only?

0 Votes 0 ·

No, it occurs for other certificates too.

0 Votes 0 ·