I have a critical issue where decryption of secure email (3DES) intermittently fails, giving the error: "The digital id name cannot be found by the underlying security system." Environment details: the private key is stored on a secure dongle (iKey), using Outlook 2003 and Exchange 2003. I have confirmed the private key matches the public key, the private key is installed on the local client PC, and the CA certs are installed on the local client PC and the Exchange server. All certs on the client PC were installed under the same Windows logon that is used to receive email. I have published certs to AD. The anomaly is that all messages come from the same source, encrypted exactly the same way, yet some decrypt successfully but most do not. I have compared message header detail between successful and failed messages and cannot find any difference at all.

The messages are coming from a UNIX/AIX gateway where customised PKI code is used to secure the messages in plain text. The message received contains an embedded encrypted message which fails. This code does not change and successfully works for several other Outlook/Exchange environments when decrypting. The odd thing is that when secure messages are sent from other standard SMTP clients, decryption successfully occurs.

Can someone please advise of a solution or possibly what I need to check next? Do I need to install the sender's public key in the GAL, not just the local address book? All help will be greatly appreciated. Below is the message header detail, FYI. ABC is the receiver and 123 is the sender; these have been added to de-identify addressing. This format is exactly the same for both successful and failing secure messages.

Microsoft Mail Internet Headers Version 2.0
Received: from ABC-exch01.ABC.local ([10.0.0.12]) by ABC-exch01.ABC.local with Microsoft SMTPSVC(6.0.3790.3959);
    Thu, 19 Jul 2007 08:36:15 +0930
Received: from 123mail.123.gov.au [126.96.36.199] by ABC-exch01.ABC.local - SurfControl E-mail Filter (5.5.0);
    Thu, 19 Jul 2007 08:36:14 +1030
Received: from 123.123net (quake.123.123net) by 123mail.123.gov.au
    (Content Technologies SMTPRS 4.3.20) with SMTP id <T80ea21dd19c0a8fd25894@123mail.123.gov.au>
    for <jason@ABC.com.au>; Thu, 19 Jul 2007 09:05:01 +1000
Message-ID: <T80ea21dd19c0a8fd25894@123mail.123.gov.au>
To: jason@ABC.com.au
From: email@example.com
Return-Receipt-To: firstname.lastname@example.org
Date: 19 Jul 2007 09:04:55
Subject: XXX Outbound Message [18/07/2007]
Organization: 123
Mime-Version: 1.0
Content-Type: Multipart/Mixed; boundary="19:Jul:07:09:04:55_Boundary_"
X-SEF-Processed: 5_5_0_210__2007_07_19_08_36_15
Return-Path: email@example.com
X-OriginalArrivalTime: 18 Jul 2007 23:06:15.0674 (UTC) FILETIME=[3E0B25A0:01C7C990]