A coworker and I occasionally use encrypted email to send passwords. We both are using Outlook 2010, and both of our Digital IDs were created by the same authority. For my coworker, creating, replying, and reading my encrypted emails works just fine. But for me, I can read his encrypted emails, I can send him encrypted emails, but I cannot reply to his encrypted emails. I always get the standard Outlook encryption error message:
"Microsoft Outlook had problems encrypting this message because the following recipients had missing or invalid certificates, or conflicting or unsupported encryption capabilities:"
It then lists his correct email address and offers to Send Unencrypted or Cancel.
Any ideas what could cause this? If I choose Send Unencrypted, or unselect Encryption before sending, the email goes through.
Update: when I reply to an encrypted message, if I delete the email address in the to box, and then retype the exact same email address, it works. This made me think I had duplicate addresses for my coworker, so I deleted him completely from my contact list. I know he's not in there at all because it can't find him when I try to send one. I had him send me a new encrypted email and also sign it. I can reply to this email. Then I added him to my contact list again, but still I can't reply to other encrypted emails. If I right click on his address, I can view the contact card and see the cert is in there, but it doesn't send. It also shows the error message described above twice. (I have to Cancel out twice.)
Update 2: When the error pops up, if I choose the option for Send Unencrypted, I get another error message: "The operation failed. The messaging interfaces have returned an unknown error. If the problem persists, restart Outlook. Cannot resolve recipient." If I then press OK, and try to send again, it sends successfully (unencrypted). I think the last part of that error message "cannot resolve recipient" is relevant to what's going on. It seems that the email in the To field is misbehaving, but only when it's first populated via reply.
Update 3: I just had a new scenario, which is related: I replied to a regular (unencrypted) email, decided to encrypt it, and had the same problem. (Same person.) I wiped out the email address in the "To" box, re-entered it identically, and then it sent. So, the title of this post might better be described as "Outlook 2010 cannot encrypt an email reply".
My coworkers and I are having the same problem when replying to encrypted emails. For emails originating from within our domain and published in the global address list, we can reply encrypted just fine. However, for associates outside our network who we've done manual key exchanges with, hitting reply or reply all results in Outlook unable to resolve their certificate from the local contact list. Prior to hitting send, the emails are treated as one entity in that clicking on one and hitting delete will remove it, but once "send" is pressed, the certificate look-up fails instantly and their address becomes an unassociated group of letters which have to be deleted like test. Curiously, when send is pressed, we get the error message twice and have to hit "cancel" both times. Once we delete the addressees, then re-add them manually, outlook resolves their certificates and happily sends the email.
What I have noticed is this behavior is associated with the mail profile. My laptop was happily replying to all encrypted emails until I corrupted my profile and had to create a new one. From that point on I was no longer able to reply to encrypted emails from outside our company unless I delete then re-type the addressees one at a time.
In summary, the issue appears to be Outlook's inability to associate incoming email addresses with local contacts for the purpose of certificate retrieval. I suspect when it occurs, this happens for all non-GAL emails, but it only really becomes apparent when encrypting.