I have isntalled and configured my own CA on my windows 2003 server and domain. I am also running exchange 2003. I can send encrypted and digitally signed emails to anyone in my own domain, I can also send digitally signed emails to all other recipietns outside my domain, but i cannot encrypt these emails. When i digitally sign an email, and send it to email@example.com, the recipient adds me (the sender) as one of there contacts. Once they do this my certificate is in the Trusted Root Certificate authorites for the CA and my personal cert is in the trusted People on the recipients local machine. This all looks good to me. Do I also need to publish my companys public CA as well?
Thanks for any help.