Share via

Not able to use S/MIME encryption while certificate is properly configured on source and destination system. Getting error prompt.

S.P Singh 31 Reputation points
2025-06-26T11:30:47.74+00:00

Requirement: - We want to protect email contents from unauthorized access between 2 users and for that we have required certificate. We have followed all the required configurations for setting the configuration in Outlook, but no clue, why it is not working.

Getting following error message "Microsoft Outlook had problems encrypting this message because the following recipients had missing or invalid certificates, or conflicting or unsupported encryption capabilities:"

Report

Help us to know the cause and let us know how we can fix this as there no extensive logging generated to resolve this. As per certificate authority, everything is in place from their side as Outlook in allowing to import certificate properly.

Outlook | Windows | Classic Outlook for Windows | For business
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Jayden-P 4,035 Reputation points Microsoft External Staff Moderator
    2025-06-26T12:14:36.8966667+00:00

    Hi @S.P Singh

    Thank you for posting your question in the Microsoft Q&A forum. 

    Based on your description, looks like you cannot send encrypted emails with another user.

    Please ensure you set up all the steps correctly in the articles below (and a supported license):

    Set up Outlook to use S/MIME encryption - Microsoft Support

    Send S/MIME or Microsoft Purview encrypted emails in Outlook - Microsoft Support

    User's image

    In case you have done everything correctly, I found your error in this article, please give it a check.

    Common Trust, Encryption and Digital ID Troubleshooting – for Microsoft Outlook and Microsoft Exchange users | Microsoft Community Hub

    FYI, I’ve also found that in order to send encrypted messages from Outlook, you need to import the person into your contacts and make sure their public key encryption cert is there,

    Make sure the person has published their public key cert to the GAL (Global Address List), so it’s picked up automatically.

    As for your coworker’s encryption partner, your coworker will need the person’s public key before they can send any encrypted messages to that person, so either they’ll have to get the person’s certificate in a signed message, or that person will have to publish the cert to a GAL.

    I hope this information helps. Please let me know if these solutions work for you.

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".   

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    User's image

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.