Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
Home
DiscussionsAccessExcelInfoPathOutlookPowerPointPublisherWord
DirectoryUser Groups
Related Topics
Outlook ExpressInternet ExplorerWindowsMS Server ProductsMore Topics ...
MS Office Forum / Outlook / General MS Outlook Questions / May 2008

Tip: Looking for answers? Try searching our database.

Digital Certificate Problem in Outlook 2003

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
Adam Baker - 24 Jan 2008 20:11 GMT
I have installed a digital certificate in Outlook from Thawte on a user's computer. When I tried to send his signature to others, it wouldn't let me. The error "Your digital ID name can not be found by the underlying security system" came up. When I went to Tools>Options>Security and click on Settings, MD5 and RC2-128 bit are selected by default. Every other user uses SHA1 and 3DES, but these options aren't even available for this user. I can't find any info on this problem, and I thought someone here might help.I've got Windows XP Pro and Office Pro 2003.

I've tried reinstalling a new digital certificate and Office was just installed on the computer.

Thank you in advance,

Adam
Reply to this Message
Brian Tillman - 25 Jan 2008 15:06 GMT
> I have installed a digital certificate in Outlook from Thawte on a
> user's computer. When I tried to send his signature to others, it
[quoted text clipped - 5 lines]
> this problem, and I thought someone here might help.I've got Windows
> XP Pro and Office Pro 2003.

It appears that the certificate you installed may not be the correct type.
Can you check that?
Signature

Brian Tillman [MVP-Outlook]

Reply to this Message
Adam Baker - 25 Jan 2008 21:55 GMT
I don't think that is the problem, because of the simple fact that I have done the same exact thing with 10-15 other users.  They are all running XP and Office 2003 as well.  I was trying to resolve the issue with Microsoft yesterday(horrible experience), and I came to realize something was wrong with the private key.  I still haven't found the exact issue, but I kinda worked around it.  I went to getacert.com and got a digicert from them, which worked.  The only problem is that you have to tell Outlook to trust it before you can save it to contacts.  Not a big deal to us, but trying to get un-comp-savvy
people to do it on their own is just not gonna happen.

Thanks for the response, but I think this is an issue that won't get resolved. I've posted a couple of other places....with no responses.  Plus I've only found about 3 other 'exact' problems with no responses dating back to '06.

BTW....the private key thing was that it seems there is no private key.  When I try to export it from Internet Options>Content the option to export the private key with the cert is greyed out.
Reply to this Message
Dennis C. Jr., Virginia Beach, VA - 23 Apr 2008 22:04 GMT
I am seeing something similar to Adam's issue below.  My client has a
government issued Common Access Card (CAC) with credentials similar to a PKI
certificate on it.  He also has the SmartCard software from ActivIdentity
installed and working on his computer but, within Outlook 2003 the program
refuses to acknowledge the certificate as valid.  If the "Sign this messahe"
button is clicked during message composition, a "Change Security settings..."
dialog box opens and we have to opportunity to select "<ActivIdentity>" and
see what appears to be his certificates, however Outlook keeps returning to
the same "Change Security settings..." pop-up.

I have searched the Knowledge Bases at support.microsoft.com and
ActivIdentity and found nothing to explain this behavior so far.  I would
like to find some way to have Outlook forget any previous PKI certificates
the user possessed and re-recognize only his SmartCard credentials, but so
far no luck finding that information either.

I realize this issue involves MUCH more than the Microsoft Outlook 2003
product in question, so I'm not holding my breath for any sort of a solution.
Just taking a shot here with some limitd details.

~ Dennis

Signature

DISCLAIMER:  My opinions and comments are mine alone and do not represent
any other person or organization, living or dead.  This includes any
government organization, DoD contractor.

> I don't think that is the problem, because of the simple fact that I have done the same exact thing with 10-15 other users.  They are all running XP and Office 2003 as well.  I was trying to resolve the issue with Microsoft yesterday(horrible experience), and I came to realize something was wrong with the private key.  I still haven't found the exact issue, but I kinda worked around it.  I went to getacert.com and got a digicert from them, which worked.  The only problem is that you have to tell Outlook to trust it before you can save it to contacts.  Not a big deal to us, but trying to get un-comp-savvy
> people to do it on their own is just not gonna happen.
>
> Thanks for the response, but I think this is an issue that won't get resolved. I've posted a couple of other places....with no responses.  Plus I've only found about 3 other 'exact' problems with no responses dating back to '06.
>
> BTW....the private key thing was that it seems there is no private key.  When I try to export it from Internet Options>Content the option to export the private key with the cert is greyed out.  
Reply to this Message
Brian Tillman - 24 Apr 2008 14:23 GMT
Dennis C. Jr., Virginia Beach, VA
<DennisCJrVirginiaBeachVA@discussions.microsoft.com> wrote:

> I have searched the Knowledge Bases at support.microsoft.com and
> ActivIdentity and found nothing to explain this behavior so far.  I
> would like to find some way to have Outlook forget any previous PKI
> certificates the user possessed and re-recognize only his SmartCard
> credentials, but so far no luck finding that information either.

Have you tried removing everything from the crypto store and re-adding the
ActivIdentity cert?  Use the certmgr Microsoft Management Console plug-in.
Start>Run>certmgr.msc
Signature

Brian Tillman [MVP-Outlook]

Reply to this Message
Dennis C. Jr., Virginia Beach, VA - 24 Apr 2008 21:18 GMT
> Dennis C. Jr., Virginia Beach, VA
> <DennisCJrVirginiaBeachVA@discussions.microsoft.com> wrote:
[quoted text clipped - 8 lines]
> ActivIdentity cert?  Use the certmgr Microsoft Management Console plug-in.
> Start>Run>certmgr.msc

Not yet, but thanks for the idea.  I was not entirely sure whether that
would be the ONLY place they needed to be removed from and I did not want to
(potentially) make matters worse by trying something unknown.

Removing and reinstalling both Outlook and ActivIdentity were things I was
considering but I had not attempted them yet either.  The user has only had
this laptop for a few days and it seemed rather extreme to begin a "slash and
burn" campaign at this point.

Signature

DISCLAIMER:  My opinions and comments are mine alone and do not represent
any other person or organization, living or dead.  This includes any
government organization, DoD contractor.

Reply to this Message
Adam Baker - 16 May 2008 21:23 GMT
I have come across my original problem once again.  The EXACT same problem occured when I added a user to a laptop and tried to get a digital certificate for her.  This time, though, I logged her off, logged on as myself and set up Outlook with my e-mail address.  I had no problem with the digital certificate this time! :?   Instead of trying to figure this peculiar problem out, I just set her up on a different laptop with no problems concerning the digital certificate.

Note:  Since the first problem, the original user I had a problem with has gotten a new laptop and I had no problems with the digital certificate.

Any thoughts?
Reply to this Message
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.