Hi,

I am running Windows 8 Enterprise Edition with Outlook 2013 64 Edition on my laptop.  I have set up my Digital ID and configured my laptop so I can send / sign / receive S/MIME Encrypted Emails.  

When I attempt to open an Encrypted email I get the following error message -

Sorry we're having trouble opening this item.  This could be temporary, but if you see it again you might want to restart outlook.  Your Digital ID name cannot be found by the underlying security system.

When I sign an email, I dont have any problems when I hit send on the email and I can send an encrypted email to a recipient without any issues.

I have tried everything I can think of but I dont seem to be able to get Outlook to open the encrypted emails, for example

1. Recreated the outlook profile and cleared my OST files
2. Deleted the certificates and reimported them using certmgr.msc, internet explorer and Outlook 2013 import Digital Function.
3. Removed Office 2013 off the laptop and completely re installed the applications
4. Ran Office 2013 Repair (Via Add and Remove Programs)
5. Tried an new ID from our corporate CAs
6. Updated the laptop via Windows update so all current patches / fixes for Office and Windows 8 are installed on the laptop.

When I used the certificates on my Windows 7 laptop using Office 2013 I dont have any problems with encrypted emails and I can open / send mails using the same S/MIME Certificates.

The hotfix -

KB Article Number(s): 2813237 
Is already installed on the laptop

Anyone go any further suggestions?

Unfortunately same problem with outlook 2013 32bit too????

Hello,

Only the recipient who has the private key (private key: The secret key kept on the sender's computer that the sender uses to digitally sign messages to recipients and to decrypt (unlock) messages from recipients. Private keys should be password protected.) that matches the public key (public key: The key a sender gives to a recipient so that the recipient can verify the sender's signature and confirm that the message was not altered. Recipients also use the public key to encrypt (lock) email messages to the sender.) used to encrypt the message can decipher the message for reading.

A recipient without the corresponding private key will see this message, "This item cannot be displayed in the Reading Pane. Open the item to read its contents." If the recipient tries to open the item, a dialog box pops up saying "Sorry, we're having trouble opening this item. This could be temporary, but if you see it again you might want to restart Outlook. Your Digital ID name cannot be found by the underlying security system."

 Sending and viewing encrypted email messages requires both sender and recipient to share their digital ID (digital ID: Contains a private key that stays on the sender's computer and a certificate (with a public key). The certificate is sent with digitally signed messages. Recipients save the certificate and use the public key to encrypt messages to the sender.), or public key certificate. This means that you and the recipient each must send the other a digitally signed message, which enables you to add the other person's certificate to your Contacts. You cant encrypt email messages without a digital ID.

When you send an encrypted email message to a recipient, Outlook uses the recipient's certificate to secure the message. Probably use would be using certificate that does not match your e-mail address. If yes, you can turn off e-mail address matching for certificates by editing your registry. To do this, follow these steps, as appropriate for the version of Outlook that you are running.

Outlook 2013

1.  Click Start , click Run , type regedit in the Open box, and then click OK . 

2.  Locate the following registry key:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\15.0\Outlook\Security 

3.  If a Security registry key does not exist, create a new key. To do this, follow these steps: a.  Click the following registry key:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\15.0\Outlook 

b.  On the Edit menu, point to New , and then click Key . 

c.  Type Security , and then press ENTER. 

4.  Right-click the Security key, click New , and then click DWORD Value . 

5.  Type SupressNameChecks , and then press ENTER. 

6.  On the Edit menu, click Modify . 

7.  Type 1 , and then click OK . 

8.  On the Registry menu, click Exit . 

Thanks

Rakesh Vijayan

Hi Rakesh, 

I checked the certificate and I have installed the private key on my laptop.  When I install the certificate on my windows 7 laptop running Office 2013 I have no problems opening the encrypted emails using the same certificate.  

Since my post i have rebuilt my laptop and installed Office 2013 32 Bit and applied the registry key and re installed the certificate on the laptop and I still get the same problem.

Could this be something to do with the IE Security Settings?

Thanks

Bruce