Lost ability to sign messages after migration to Active Directory.

  • Thread starter Thread starter Neb Okla
  • Start date Start date
N

Neb Okla

Yesterday my IT group migrated me to Active Directory and at that time my
signed email certificate stopped working.

Now whenever I try to sign an email, I get the following message:

"An error occurred in the underlying security system."

I didn't see anything related in the Microsoft Knowledge Base.

I found a few problems along those lines in Google Groups, but they were "I
have a problem" posts with no response.

Here's what I've tried so far:

Exporting/Deleting all certs.
Re-installing *just* the cert I want to use.
I also ran "Detect & Repair" which took a while but didn't seem to fix
anything.
Requesting a *new* cert and installing it directly from the provider site.

Any suggestions would be greatly appreciated.
 
I found this workaround:

While creating a new email, I must click on "Options..." in the toolbar and
press the "Security Settings..." button.

This opens a new window called "Security Properties" with a "Security
Settings" section.

Under "Security setting:" is a dropdown box.
It has the options "<Automatic>", "<Default>", and "My S/MIME Settings
([email protected])".

If I choose any of these and click the "Change Settings..." button, this
opens a window called "Change Security Settings".

Under "Certificates and Algorithms" in the "Signing Certificate:" field,
there is a "Choose..." button.

Clicking it opens a "Select Certificate" window - and here is the problem.

I see two Certificates. One is a new certificate I installed today, and the
other is an old certificate that I thought was deleted.
 
This fixed it for me:

In Outlook 2003, go to Tools > Options > Security (Tab)
In the "Encrypted e-mail" tab, set the "Default Setting:" to "My S/MIME
Settings ([email protected])"
Click the "Settings..." button

A new window titled "Change Security Settings" will open
In the "Certificates and Algorithms" section, at the "Signing Certificate:"
field, click the "Choose..." button
Select the appropriate certificate
At the "Encryption Certificate:" field, click the "Choose..." button
Select the appropriate certificate

Click "OK"
Click "OK"

Send a test message, it worked for me.
 
Back
Top