Outlook 2003 Encrypt Message Using Wrong Certificate

[Chip Andrews]

When I send an encrypted message to a user, the default behavior (as I
understand it) is for Outlook to determine the public key for each
recipient and use the public key found there to encrypt the message.

Outlook 2003 on my machine does not do that. It gleefully sends the
email out using my own public key and thus no matter who I send an
encrypted email to they cannot read it. I KNOW I have recipients in my
Outlook Address book with their certificates clearly indicated but when
I send to them - nada - it's encrypted using my key.

What the heck? My cube-neighbor has the same version and his works fine
- SAME EXACT options selected in Outlook. Also - when he sends and
encrypted email to a person for which he has no cert - he gets a nasty
pop-up telling him he cannot proceed. But on my machine - the email
goes out - encrypted using my cert - and unreadable by the recipient.

Any thoughts?

Chip

 

[Lee Li [MSFT]]

Dear Chip,

Thank you for posting here.

From your post, my understanding on this issue is: When you send an
encrypted message using the certificate, the recipient cannot see the
content. If I'm off base, please feel free to let me know.

Based on my knowledge, please ensure the following two points correct.

1. Please make sure the certificate you are using is widely recognized
through the Internet.

2. In order for the recipients to see the encrypted message, please ensure
they have your digital signature. In order for that, please follow the
steps below.

1). Please initialize a new message in Outlook, click Options in the
Toolbar.
2). Click Security Settings button, only click to select the "Add digital
signature to outgoing messages" and " "Send this message as clear text
signed" check boxes, and then click OK.
3). After recipient receiving this mail, please save your signature as
local file.
4). Then in recipient's Outlook side, create a contact of your information
in Contact Folder, then double the contact, in Certificate tab, import the
signature.

Then please send an encrypted mail to the recipient to verify the issue and
let me know the result, so that I can provide further assistance on this
problem. I am looking forward to your reply. Thanks and have a nice day!

Thanks & Regards,

Lee Li
Microsoft Online Partner Support

Get Secure! - www.microsoft.com/security

=====================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.

 

[Guest]

Lee,

I am having similiar problems. Outlook 2003 seems to be encrypting all
messages with my key and not the public key/digital ID of the recipient.

Question about your previous reply:
1. What constitutes a widely recognised certificate on the internet.
Mine was obtained from CaCert.org and conforms to all the rules off PKI
email certificates. Is this enough???

2. You wrote:
"In order for the recipients to see the encrypted message, please ensure
they have your digital signature. In order for that, please follow the
steps below."

Is this not the wrong way round??
In order to encrypt a message to person B surely I must have the digital
ID/public key of person B, as that is what is used to encrypt the message.
They will then use their private key to decrypt the message as thats the only
key that will decrypt an encryption done with the public key. THATS WHAT
MAKES IT SECURE!