Microsoft KB Archive/283207

= OL98: (CW) Error Message Occurs When You Send an Encrypted Message to a Recipient on the Global Address List =

Article ID: 283207

Article Last Modified on 8/6/2002

-

APPLIES TO


 * Microsoft Outlook 98 Standard Edition

-



This article was previously published under Q283207



NOTE: The procedures in this article only apply if you have installed Outlook with the Corporate or Workgroup option. With this option, you can use Messaging Application Programming Interface (MAPI) services. To determine your installation type, click About Microsoft Outlook on the Help menu. If you have the Corporate or Workgroup installation, you see &quot;Corporate or Workgroup&quot;.



SYMPTOMS
In Outlook 98, when you send an encrypted message to a recipient that is located in the Global Address List, you may receive the following error message:

Encryption Problems

Microsoft Outlook had problems encrypting this message because the following recipients had missing or invalid certificates or conflicting or unsupported encryption capabilities:

Continue will encrypt and send the message but the listed recipients may not be able to read it.



CAUSE
This problem can occur because when Outlook searches the Global Address List for encryption certificates, it searches for three properties in the following order:
 * 1) Tagged-X509certs
 * 2) X509-certs
 * 3) User-certs

If the Tagged-X509certs property is invalid (for example, if it is expired, corrupted, and so on), Outlook does not fail over and query for any valid X509-certs or User-certs properties. For example, if the Tagged-X509certs property is missing and the X509-certs property is invalid, Outlook does not fall back and query the User-certs property, even if the property is valid. This behavior prevents the user from sending encrypted mail to other users who have an invalid digital certificate.



WORKAROUND
Contact your Microsoft Exchange Server administrator to have them remove or republish the invalid or expired certificate from the specified user's mailbox. If the affected recipient is running Microsoft Outlook 2000 SR-1, SR-1a or later, they can use the Publish to Global Address List functionality to update their certificate.

For more information about the Publish to Global Address List functionality in Outlook 2000 and Microsoft Outlook 2002, click Microsoft Outlook Help on the Help menu, type Add a certificate to the Global Address List in the Office Assistant or the Answer Wizard, and then click Search to view the topic.



STATUS
Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article.

This problem was corrected in Microsoft Outlook 2002.

Additional query words: signed contacts add address book

Keywords: kbbug KB283207

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.