Encrypted messages

Mikhail Firsov 1,876 Reputation points
2022-04-05T10:52:05.31+00:00

Hello!

One more question on S/MIME, please:

while sending encrypted message from user 1 (Shannon Emma) to user 2 (Taylor David - and Taylor's certificate is installed on the workstation) I get the following warning:
190123-03-1.png

  • here Outlook on the WEB "thinks" that Shannon Emma is the recipient that doesn't have the corresponding certificate while Emma is the SENDER, NOT the recipient!

...maybe Outlook on the Web names Shannon Emmas as a recipient because this message may be read in the Shannon's Sent Items folder and in this context she'll be the "recipient"...?

?

2) this page says:

"If you encrypt an outgoing message and Outlook on the web can’t verify that all recipients can decrypt the message, you’ll see a notice warning you which recipients might not be able to read the encrypted message. You can then send the message anyway, remove those recipients, or retry to check again."

Q2: A recipient would be able to descrypt the message if he/she has the corresponding private key on his/her workstation - how Outlook on the Web on the sender's computer is supposed to check the availability of the private key on the recipient's computer?

Regards,
Michael

Exchange Server Management
Exchange Server Management
Exchange Server: A family of Microsoft client/server messaging and collaboration software.Management: The act or process of organizing, handling, directing or controlling something.
7,436 questions
0 comments No comments
{count} votes

Accepted answer
  1. Joyce Shen - MSFT 16,646 Reputation points
    2022-04-06T01:48:08.463+00:00

    Hi @Mikhail Firsov

    According to my research, I fould here is an article introduced your concern: How to Configure S/MIME in Office 365
    190300-image.png

    And please check if you have met the requirements list below:
    190356-image.png


    If an Answer is helpful, please click "Accept Answer" and upvote it.

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    0 comments No comments

2 additional answers

Sort by: Most helpful
  1. Mikhail Firsov 1,876 Reputation points
    2022-04-06T09:25:30.897+00:00

    Oh, yes - this conjecture was correct: "...maybe Outlook on the Web names Shannon Emmas as a recipient because this message may be read in the Shannon's Sent Items folder and in this context she'll be the "recipient"..." - thank you so much!

    Regarding the second statement: "If the PKI issued certificate is not available, users will not be able to send signed messages or decrypt the S/MIME messages" - the requirement for each user to have his/her own certificate in the User's Personal store means that user will have their own private/public key pair.

    If UserB needs to send an encrypted message to UserA, he/she will need access to the public key (=certificate) of UserA (which is stored on the UserA's computer and - possibly - in AD). The questions:

    1) how Outlook may get the UserA's certificate?

    2) how Outlook on the Web may get the UserA's certificate?

    • I was unable to find explanations to these question :(

    Regards,
    Michael


  2. Mikhail Firsov 1,876 Reputation points
    2022-04-08T08:46:42.217+00:00

    joyceshen-MSFT, thank you very much for your help!

    Regards,
    Michael

    0 comments No comments