SecureTrust™ Secure Email Certificate Support

Troubleshooting Your Secure Email Certificate

When sending a message, I can sign, but why can't I encrypt?

This error is due to the recipient not having a Secure Email Certificate installed. You may only send encrypted emails when public keys have been exchanged. If the recipient has a Secure Email Certificate, you can exchange keys by sending a signed email. After the certificates have been imported by your email program you will have the ability to send encrypted email.

My computer crashed and I didn't back up my private key. How do I access my backed up email messages?

You cannot view encrypted messages without your private key. Be sure to backup your private key every time you back up your email messages.

My email software has marked a certificate as damaged or invalid.

If your email software has marked a certificate as damaged or invalid, the certificate has either been revoked, has expired, or has been tampered with. You should not trust any email messages which your software has marked as unsafe.

Why am I asked for a password when using my Secure Email Certificate? (Outlook Only)

During the enrollment process for a Secure Email Certificate, an option is available to provide additional security for your private key. The option is indicated as "Check this Box to Protect Your Private Key."

Immediately after clicking "Accept" on this enrollment form Microsoft will present you with a dialog box allowing you to set a security level. You will be asked to select High, Medium or Low security. These security settings are provided to help protect your private key, which resides in your computer's registry. Your private key is the part of your Secure Email Certificate that only you are meant to have. Every time you use your Secure Email Certificate your private key is accessed. The Medium and High options assure that your private key is only being accessed with your permission.

High: This setting will require you to enter a password before your private key is accessed. Medium: This setting will alert you and ask for your permission before your private key can be accessed. Low: This setting will not add any additional security. This means your private key is protected only by your system's login procedure.