This article was previously published under Q202366
This article has been archived. It is offered "as is" and will no longer be updated.
We strongly recommend that all users upgrade to Microsoft Internet Information Services (IIS) version 6.0 running on Microsoft Windows Server 2003. IIS 6.0 significantly increases Web infrastructure security. For more information about IIS security-related topics, visit the following Microsoft Web site:
Outlook 98 does not read certificates created by Microsoft Certificate Server. Outlook 98 is sensitive to the contents of the KeyUsages field.Specifically, if either KeyEncipherment or DigitalSignature is used,then both must be set.
The default policy module shipped with the Windows NT Option Pack only sets KeyEnchipherment and not DigitalSignature. Therefore, Outlook 98 does not read certificates created by Certificate Server running the default policy module.
To resolve this problem, obtain the latest service pack for Windows NT 4.0 or Windows NT Server 4.0, Terminal Server Edition. For additional information, click the following article number to view the article in theMicrosoft Knowledge Base:
152734 How to Obtain the Latest Windows NT 4.0 Service Pack
You can also work around this issue by modifying the default policymodule to set both KeyEncipherment and DigitalSignature or neitherwhen you are issuing mail certificates.
Microsoft has confirmed this to be a problem in Internet InformationServer version 4.0. This problem was first corrected in Windows NT 4.0 Service Pack 4.0 and Windows NT Server 4.0, Terminal Server Edition Service Pack 4.
The source code for the default policy module is available aspart of the Windows Base Services component of the Platform SDK fromMSDN.
For additional information, click the article number below to view the article in the Microsoft Knowledge Base:
190157 Support for Windows NT 4.0 Option Pack on Terminal Server