Known issues when you use S/MIME with Outlook Express

Symptoms

When you use S/MIME with Microsoft Outlook Express, you may experience one or more of the following symptoms.

Symptom 1

Outlook Express takes longer than expected to open a digitally signed e-mail message.

Symptom 2

You receive an error message that is similar to the following error message:
The Certificate Revocation List was unavailable or it has expired.

Symptom 3

When you try to encrypt or to digitally sign all outgoing e-mail messages in Outlook Express, you may receive an error message that is similar to the following error message:
Your digital ID name could not be found by the underlying security system.

Cause

One of the following reasons is the cause of these behaviors, based on the symptoms that you are experiencing.

Cause for symptom 1

This behavior occurs because the Certificate Revocation List (CRL) takes longer than expected to download.

Cause for symptom 2

This behavior occurs because of a missing or an inaccessible CRL either on the sender's certificate or on the Intermediate Certification Authority's certificate.



Cause for symptom 3

This behavior occurs if the correct digital ID is not installed and configured in Outlook Express.

Resolution

To resolve this behavior, use one of the following methods depending on the symptoms that you are experiencing.

Resolution for symptom 1

To resolve the behavior that is described in symptom 1, follow these steps:
  1. Start Outlook Express.
  2. On the Tools menu, click Options.
  3. On the Security tab, click Advanced.
  4. In the Advanced Security Settings dialog box, click Never under Revocation Checking, and then click OK.
  5. Click Apply, and then click OK.

Resolution for symptom 2

To resolve the behavior that is described in symptom 2, make sure that the client computer is configured correctly, and verify that you have access to both CRL Distribution Points and Authority Information Access. To do so, follow these steps:
  1. Start Outlook Express.
  2. On the Tools menu, click Options, and then click the Security tab.
  3. Click digital IDs, and then double-click the certificate that you want to verify.
  4. Click the Details tab.
  5. Click either CRL Distribution Points or Authority Information Access.
For additional information, click the following article numbers to view the articles in the Microsoft Knowledge Base:

308707 "Certificate Revocation List Is Not Available" Error Message Appears with Encrypted Outlook Mail

269784 "No CRL Found" Error Message Even When CRL Is in Cryptdlg.dll

Resolution for symptom 3

To resolve the behavior that is described in symptom 3, install and configure the correct digital ID in Outlook Express. To do so, follow these steps:
  1. Start Outlook Express.
  2. On the Tools menu, click Options, and then click the Security tab.
  3. Click Get digital ID. In the Web page, click the link of the certifying authority from whom you want to obtain a digital ID.
  4. Follow the instructions of the certifying authority to obtain the digital ID.

    You will receive an e-mail from the certifying authority that contains your digital ID and additional instructions.
For additional information, click the following article numbers to view the articles in the Microsoft Knowledge Base:

258527 OL2000: Error Message: Your Digital ID Name Cannot Be Found by the Underlying Security System

195477 OL2000: Encryption and Message Security Overview

Egenskaper

Artikel-id: 833004 – senaste granskning 20 sep. 2011 – revision: 1

Feedback