BUG REPORT: X-509 certificate can't be used for S/MIME encryption.

book

Article ID: 158178

calendar_today

Updated On:

Products

Desktop Email Encryption Encryption Management Server

Issue/Introduction

Unable to send encrypted e-mails to S/MIME certificate using Symantec Encryption Desktop and Symantec Encryption Management Server.

 

Following error can be seen in log:

"E-Mail  Info MAPI Proxy: Rejecting key "test.de <[email protected]>" (KeyID: 0x811084CB) because it has no valid certificate for S/MIME encryption"

Cause

Certificate contains keyEncipherment flag only (Key Usage flag displayed as "Key Encipherment" when viewing certificate details on Windows OS).

Resolution

This issue is fixed in the following release:

  • Symantec Encryption Desktop 10.3.2 MP1 (Build 15337) and above

For a full list of resolved issues in Symantec Encryption Desktop 10.3.2 including all Maintenance Packs (MP) please check http://www.symantec.com/docs/TECH166098

This version/Maintenance Pack is available for download via your account on Symantec File Connect - https://fileconnect.symantec.com


Applies To

Symantec Encryption Management Server (SEMS)  3.3.x

PGP Universal Server 3.2.x

Symantec Encryption Desktop (SED) 10.3.x

PGP Desktop 10.2.x