You receive an error message when you try to send an encrypted e-mail message to another user who is in the same Exchange organization in Outlook 2002 (884738)

SYMPTOMS

When you try to send an encrypted e-mail message to another user who is in the same Microsoft Exchange organization in Microsoft Outlook 2002, you receive the following error message:

Microsoft Outlook had problems encrypting this message because the following recipients had missing or invalid certificates, or conflicting or unsupported encryption capabilities

CAUSE

This issue may occur if one of the following conditions is true:

The recipient previously published their digital ID to the Global Address List by using the Publish to GAL feature in Outlook 2002. When the old digital ID expired and the new digital ID was issued, the old digital ID remained in the value of the userSMIMECertificate attribute of the user object in the Active Directory directory service. If the userSMIMECertificate attribute value is present, it is always used.

Note Certificates that are issued by a Microsoft Windows certification authority in an Active Directory organization are automatically published to the user object in Active Directory using the userCertificate attribute. When a Microsoft Outlook user uses the Publish to GAL feature, a self-signed value is written to the userSMIMECertificate value of the user object.
A certificate server is being used that is not integrated with Active Directory or with the Microsoft Exchange Server 5.5 Directory Service. Therefore, no information regarding the recipient's public key is present in the Global Address List.

RESOLUTION

To resolve this issue, the recipient must follow these steps:

On the Tools menu, click Options.
Click the Security tab.
In the Default Setting list, make sure that the correct security profile for the digital ID that you want to use is selected. To verify your certificate settings, click Settings. You can click Choose, and then click View Certificate to view your certificate details.
Under Digital IDs (Certificates), click Publish to GAL, and then click OK. This will republish the correct certificate to the Global Address List to make sure that users are addressing you with the correct digital certificate.
Click OK when you are prompted that your certificates were published successfully.
Click OK to exit the Options dialog box.

MORE INFORMATION

If you receive the error message that is mentioned in the "Symptoms" section, you can try to verify the status or the validity of the recipient's certificate in the Global Address List. To do this, follow these steps:

If you have an e-mail message from the recipient in your Inbox, follow these steps:
1. Open the e-mail message from the recipient.
2. Right-click their user name in the From field, and then click Add to Contacts.
  
  The Contact form appears.
If you do not have an e-mail message from the recipient in your Inbox, follow these steps.

Note To perform this step, you must have a personal address book (PAB) configured for your mail profile.
1. On the Tools menu, click Address Book.
2. Click the recipient that you tried to send the e-mail message to.
3. On the File menu, click Add to Personal Address Book.
  
  The Contact form appears.
Click the Certificates tab.
If a certificate exists, click the certificate, and then click Properties.

Verify the validity of any certificates that are present. The certificate may appear as revoked or expired.

For additional information about other scenarios where you may receive the same error message, click the following article numbers to view the articles in the Microsoft Knowledge Base:

820029 Error message: "Microsoft Outlook had problems encrypting this message... "

326311 You cannot send encrypted e-mail messages to a contact while you are working offline