OL2002: You Cannot Send Encrypted Mail to An LDAP Recipient (318589)


The information in this article applies to:

  • Microsoft Outlook 2002
This article was previously published under Q318589
IMPORTANT: This article contains information about modifying the registry. Before you modify the registry, make sure to back it up and make sure that you understand how to restore the registry if a problem occurs. For information about how to back up, restore, and edit the registry, click the following article number to view the article in the Microsoft Knowledge Base:

256986 Description of the Microsoft Windows Registry

SYMPTOMS

In Outlook, when you address an e-mail message to a Lightweight Directory Access Protocol (LDAP) recipient that includes an encryption certificate and you choose to encrypt the message, you receive the following error message when you try to send the message:
Encryption Problems

Microsoft Outlook had problems encrypting this message because the following recipients had missing or invalid certificates, or conflicting or unsupported encryption capabilities:

<recipient name>

Continue will encrypt and send the message, but the listed recipients may not be able to read it.

RESOLUTION

To resolve this problem, obtain the latest service pack for Microsoft Office XP. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:

307841 OFFXP: How to Obtain the Latest Office XP Service Pack

The English version of this fix should have the following file attributes or later:
   Date          Time   Version       Size       File name     
   ----------------------------------------------------------
   20-DEC-2001   18:43  10.0.3618.0    47,432    Bjablr32.dll
   05-FEB-2002   15:14  10.0.3729.0   538,952    Emsmdb32.dll	
   21-FEB-2002   21:01  10.0.3819.0   850,248    Msmapi32.dll
   29-APR-2002   11:43  10.0.4024.0   108,872    Emablt32.dll

STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article. This problem was first corrected in Microsoft Office XP Service Pack 2 (SP-2).

MORE INFORMATION

If you try to send mail to LDAP recipients and you use high encryption (more than 40-bit), you must also make a change to the registry. See the following section for instructions.

How to Send Mail with High Encryption

WARNING: If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from using Registry Editor incorrectly. Use Registry Editor at your own risk.

Use the following procedure after you install the hotfix.
  1. Click Start, and then click Run.
  2. In the Open box, type regedit.exe, and then click OK.
  3. Locate and then click the following key in the registry:

    HKEY_CURRENT_USER\Software\Microsoft\Office\10.0\Outlook\Security

  4. On the Edit menu, click Add Value, and then add the following registry value:

    Value name: UseAlternateDefaultEncryptionAlg
    Data type: DWORD
    Value data: 1

  5. Close Registry Editor.

For information on , please see the following Knowledge Base article: For additional information about problems that you may experience when you use high encryption, click the article number below to view the article in the Microsoft Knowledge Base:

307472 OL2002: Recipients Cannot Read Messages When 168-Bit (3DES) Encryption Is Enabled

Modification Type:MinorLast Reviewed:7/28/2006
Keywords:kbHotfixServer kbQFE kbbug kbfix kbOffice2000preSP3fix kbOfficeXPPreSP2fix kbOfficeXPsp2fix KB318589
©2004 Microsoft Corporation. All rights reserved.