I am testing Certificate Services in my lab and have setup an Enterprise CA with a subordinate CA for issuing certificates within our Active Directory Domain. The first time I did this, I did like the generic name I gave the Root CA, so I uninstalled the Certificate Services from both domain controllers and reinstalled after rebooting. The result is that I have an Enterprise CA with 1 subordinate CA for issuing certificates.
I have two test clients running Outlook 2000 (SP3) with Exchange 5.5 (SP4) employing SMTP services for Internet Mail. Mail, etc has all worked fine. I had both of these clients obtain a certificate via the subordinate CA which was successful. I am now able to send e-mail with a digital ID to Exchange Users and Internet mail users. However, when I select the option to "Encrypt contents and attachments for outgoing messages" from the security options on the Outlook clients, it fails.
When an e-mail is composed and then sent a message pops up stating: "Microsoft Outlook had problems encrypting this message because the following recipients had missing on invalid certificates, or conflicting or unsupported encryption capabilities". There are 4 option buttons at the bottom of the message which are: "Send Unencrypted", "Continue", "Cancel" and "Help". The "Continue" bottom is dimmed and cannot be selected. I have looked at the "Help" but it is not specific enough.
I checked TechNet and got KB835703 and applied it but it has not helped. What else am I missing or not doing correctly? Thanks for any advice.