none
Windows 8 doesn't display certificate prompt for non-elevated app when strong private key protection is enabled

    Question

  • Running Outlook 2010 talking to Exchange, using S/MIME with certificates from an AD enterprise PKI. My certificate is installed with strong private key protection enabled, so Windows prompts for a password when an application accesses the key.

    Using Outlook 2010 on Windows 7, this works as intended - if I click an encrypted email in my inbox, Windows prompts for the private key password, then Outlook displays the email.

    Using Outlook 2010 on Windows 8, if I click an encrypted email in my inbox, Outlook hangs. It appears the CredentialUIBlocker.exe process blocks it but doesn't display the private key password dialog. There are two workarounds:

    • If I disable strong private key protection for the certificate, emails open as soon as they're clicked.
    • If I run Outlook as an administrator, the private key password dialog displays as normal.

    This seems like a Windows 8 regression - any idea when a fix might be available? Thanks!

    Tuesday, August 28, 2012 1:46 PM

All replies

  • Hi,

    I think this is caused by the change with UAC process. How about if you disable UAC?


    Juke Chou

    TechNet Community Support

    Wednesday, August 29, 2012 8:17 AM
    Moderator
  • Well yes, if running as admin works around it, I'd expect disabling UAC to work around it too. I can't test as UAC is forced on by group policy and I'd rather not go playing with it...
    Wednesday, August 29, 2012 8:46 AM
  • Hi,

    OK, I recorded your feedback.


    Juke Chou

    TechNet Community Support

    Thursday, August 30, 2012 6:56 AM
    Moderator
  • Hi,

    OK, I recorded your feedback.

    Thanks Juke, but what does that mean exactly? Is someone actually investigating this problem with a view to providing a fix? Is there any way to find what the status of the bug is with the dev team?

    Thanks,

    Sean

    Monday, September 3, 2012 8:07 PM
  • Hi Juke,

    I have the same problem here with office 2010 on windows 8 (both x64).

    I tested it with UAC disabled, but Outlook still hangs as soon as the Private Key Dialog should come up. So that didn't really help....

    Thanks,

    Michael

    Wednesday, September 26, 2012 8:58 AM
  • Hi,

    same Problem here! Only in Admin-Mode the Private Key Dialog is shown.
    Thursday, October 11, 2012 12:31 PM
  • I have the same problem and made a link to this forum since there are no answers on my thread.

    Can't Sign or Open Encrypted Messages - Outlook Not Responding

    Friday, November 9, 2012 5:37 AM
  • We have opened the ticket in August 2012 and very close to resolution.

    The answer from Microsoft Windows 8 team is over here: http://social.technet.microsoft.com/Forums/en/outlook/thread/f543b04d-d510-4444-b803-1759f6c312c8

    Hope this helps.

    • Proposed as answer by Knuckles Tuesday, January 29, 2013 9:38 PM
    Monday, November 12, 2012 2:18 PM
  • For anyone who happened on this thread, like me, searching for an answer, I can confirm that this issue, described here as cut2run says:

    http://social.technet.microsoft.com/Forums/office/en-US/f543b04d-d510-4444-b803-1759f6c312c8/outlook-configured-on-windows-8-required-elevation-in-order-to-access-private-key

    seems to have been solved by the hotfix given here:

    http://support.microsoft.com/kb/2813237

    It worked for me, anyway.  And it doesn't have anything to do with the certificate itself.
    Monday, August 19, 2013 2:22 PM