- The recipients previously published their digital ID to the global address list by using the Publish to GAL feature in Outlook 2002. When the old digital ID expired and the new digital ID was issued, the old digital ID remained in the value of the userSMIMECertificate attribute of the user object in the Active Directory directory service. If the userSMIMECertificate attribute value is present, it is always used.
Note Certificates that are issued by a Microsoft Windows certification authority in an Active Directory organization are automatically published to the user object in Active Directory by using the userCertificate attribute. When an Outlook user uses the Publish to GAL feature, a self-signed value is written to the userSMIMECertificate value of the user object.
- A certificate server is being used that is not integrated with Active Directory or with the Microsoft Exchange Server 5.5 Directory Service. Therefore, no information regarding the recipient's public key is present in the global address list.
- On the Tools menu, click Options.
- Click the Security tab.
- In the Default Setting list, make sure that the correct security profile for the digital ID that you want to use is selected. To verify your certificate settings, click Settings. You can click Choose, and then click View Certificate to view your certificate details.
- Under Digital IDs (Certificates), click Publish to GAL, and then click OK. This will republish the correct certificate to the global address list to make sure that users are addressing you with the correct digital certificate.
- Click OK when you are prompted that your certificates were published successfully.
- Click OK to exit the Options dialog box.
- If you have an e-mail message from the recipient in your Inbox, follow these steps
Note This step does not apply to Outlook 2007.
- Open the e-mail message from the recipient.
- Right-click their user name in the From field, and then click Add to Contacts.
The Contact form appears.
- If you do not have an e-mail message from the recipient in your Inbox, follow these steps.
Note To perform this step, you must have a personal address book that is configured for your mail profile.
- On the Tools menu, click Address Book.
- Click the recipient to whom you tried to send the e-mail message.
- On the File menu, click Add to Personal Address Book.
The Contact form appears.
- Click the Certificates tab.
- If a certificate exists, click the certificate, and then click Properties.
Verify the validity of any certificates that are present. The certificate may appear as revoked or expired.
Article ID: 884738 - Last Review: Apr 25, 2008 - Revision: 1