When you run the Publish to GAL function in Microsoft Outlook 2010 and then send an encrypted message, recipients cannot open the encrypted message.


This problem occurs because the certificate is written to the userSIMIMECertificate attribute instead of to the userCertificates attribute in Active Directory.


To resolve this issue, apply the following update:

2791026 Description of the Outlook 2010 hotfix package (Outlook-x-none.msp): April 9, 2013

Registry key information

Important This section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs. For more information about how to back up and restore the registry, click the following article number to view the article in the Microsoft Knowledge Base:

322756 How to back up and restore the registry in WindowsAfter you install the hotfix package, follow these steps to enable the hotfix:

  1. Click Start, click Run, type regedit in the Open box, and then click OK.

  2. Locate and then select the following registry subkey:


  3. In the Edit menu, point to New, and then click DWORD value.

  4. Type DoNotPublishToSMimeCert, and then press ENTER.

  5. In the Details pane, right-click DoNotPublishToSMimeCert, and then click Modify.

  6. In the Value data box, type a nonzero value, and then click OK.

  7. Exit Registry Editor.


Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

Need more help?

Expand your skills
Explore Training
Get new features first
Join Microsoft Insiders

Was this information helpful?

What affected your experience?

Any additional feedback? (Optional)

Thank you for your feedback!