Some email clients unable to decrypt email sent from Outlook 2010

By | 19/11/2010

When sending an encrypted message from Microsoft Office Outlook 2010 to a recipient using a third-party email client, such as Lotus Notes, Entrust, SeaMonkey, or Thunderbird, the recipient may not be able to read the encrypted message. In the case of the Thunderbird email client, it may display the following message in the body of the message when they open it:

Thunderbird cannot decrypt this message

The sender encrypted this message to you using one of your digital certificates, however Thunderbird was not able to find this certificate and corresponding private key.

Possible solutions:

  • If you have a smartcard, please insert it now.
  • If you are using a new machine, or if you are using a new Thunderbird profile, you will need to restore your certificate and private key from a backup. Certificate backups usually end in “.p12”

The recipient should check with their email client vendor to determine if an update to address this issue is available for their email client.

As a workaround, on the sender’s client, you can use the following registry value to make Outlook 2010 revert to the behavior found in earlier Outlook versions.

Important This method contains steps that tell you how to modify the registry. However,serious problems may occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For more protection, back up the registry before you modify itso that you can restore the registry if a problem occurs. For more information about how to back up and then restore the registry, click the following article number to view the article in the Microsoft Knowledge Base:
322756 How to back up and restore the registry in Windows

  1. Start Registry Editor.
  2. Locate and then click to select the following registry subkey:

    Note :Create the \Security registry subkey if it does not exist.
  3. Add the following registry data to the this key:Value type:   DWORD
    Value name: UseIssuerSerialNumber
    Value data:  1
  4. Exit Registry Editor.


Leave a Reply