ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Outbound email cannot be encrypted if the internal user's key has expired

book

Article ID: 200591

calendar_today

Updated On:

Products

Encryption Management Server Encryption Management Server Powered by PGP Technology Gateway Email Encryption Gateway Email Encryption Powered by PGP Technology

Issue/Introduction

If an internal user's key has expired, outbound email will bounce or queue.

Whether outbound messages bounce or queue depends on whether the subkey has also expired. Here is an example where the subkey was still valid on 30 September 2020, the day the email message was sent:

In this scenario, the outbound message bounces:

In this example, by 30 September 2020, the user's subkey has also expired:

In this scenario, the message cannot be processed but it does not bounce:

In both scenarios, the attempt to send an email message causes the Last Use field in the internal user's record to be updated:

 

Environment

Encryption Management Server release 3.4.2 and above.

Resolution

At 12am and 12pm each day, keys that are due to expire within one day are automatically renewed.

Any user account with expired keys that has a Last Use field that has been updated since the last key renewal task ran will also be renewed.

Therefore, the next time the user tries to send an email through Encryption Management Server, the message will be encrypted successfully. Any messages that could not be processed previously will be processed at the same time.

Attachments