SmartPhone – Email Encryption Error

I have a client that was switching to Exchange 2010 from Exchange 2003 and had a group of pilot users with BlackBerries and SmartPhones move to the new servers.  One SmartPhone user, while trying to send an email from their phone, received this error:

Error Certificate missing” and content: “Your message ‘’ was not sent and has been moved to the Drafts folder. Certificates are not available for the following recipients or one or more members of the following distribution lists: user@domain.com.

On the SmartPhone, there are two settings that related to encrypted messages.  They are found in activesync on the device under Menu > options > E-mail > Settings > Advanced :

      “Encrypt all outgoing e-mail messages”

and

“Sign all outgoing e-mail messages”

In our case the second one was unchecked and the Encrypt all messages was checked and grayed out.  I suspected an active sync policy had been set incorrectly.  So I ran this command:

Get-ActiveSyncMailboxPolicy

Which lead to these two values set as:

RequireSignedSMIMEMessages: False

RequireEncryptedSMIMEMessages: True

The bold one was the source of our issue.  We then changed it to False and the user was able to send emails without getting this error message.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s