Dr. Stephen Henson wrote: > >Where was the private key used created? Was it generated under CryptoAPI or >imported as a PKCS#12 file from an external source? > > >
It was created using OpenSSL - turned into a p12 and imported. >Due to various deficiencies in the internal format for Windows private keys >there are some which it can use the public key but not the private key because >it can't be represented in its format. An example if if the two primes are of >different size. > > Unless you know something specific to Outlook, I don't think that's the problem. We use the same method to create standard user certs for accessing HTTPS web sites - and they work fine under Windows/MSIE. The other thing is that I can use Outlook to send an encrypted email to myself, then access that mailbox using Thunderbird (with the same cert) - and Thunderbird reads it fine. So Outlook must have successfully used the private key to do the encryption. It's weird - it can generate encrypted emails, but can't read them... Is anyone successfully using S/MIME within Outlook? I don't expect many on this list to be Outlook users - but I expect a lot are like me and mainly have Outlook users surrounding them :-) -- Cheers Jason Haar Information Security Manager, Trimble Navigation Ltd. Phone: +64 3 9635 377 Fax: +64 3 9635 417 PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1 ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]