This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Hello,
I'm trying to sign emails from outlook app, deploying an application configuration profile like this:
The certificate is deployed to the Intune Company Portal via NDES server and previously, i deploy the trusted root certificate from the CA in the management profile. I also has uploaded to 0365 the SST certificate chain in order to trust this certificate from Outlook app.
I can see the certificate in the security settings in Outlook app but when i try to create an email i get an error: you have a problem with one of your SMIME certificates, and can't sign.
It seems to be all steps correct. I am using a trial tenant. What could be the cause?.
Thank you in advance.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(233.6, 30%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECM%3C/text%3E%3C/svg%3E)
@Marcos Vázquez , For our issue, we can firstly manually download the S/MIME certificate and install on one client. Check if it is working well. This can identity if the certificate has any issue. Here is an article for the reference.
https://www.ssl.com/how-to/installing-an-s-mime-certificate-and-sending-secure-email-with-outlook-on-windows-10/
Note: Non-Microsoft link, just for the reference.
If there's any update, feel free to let us know.
If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Hello,
I tried manually but same result. Here you can see the screenshots:
1) The manually installed certificate is visible from Outlook app, so i understand the SST export to O365 to trust the local CA is working:
2) Here the details of the certificate. Signing is enabled. When i requested the certificate i intro this values:
CN = as email address (user as email address format)
SAN:
-email = user email
-UPN = user UPN
3) The result when i try to sign:
I dont know if i missmatch some step.
Thanks.
@Marcos Vázquez , From the test, it seems the issue is with the S/MIME signing certificate. For the error message, it shows the signature certificate has some issue. If we use Office 365, we can check if we configured using the steps recommend:
https://techcommunity.microsoft.com/t5/exchange-team-blog/how-to-configure-s-mime-in-office-365/ba-p/584516
As Intune support, we are not familiar with this. if the issue still persists, we suggest to contact related mailbox support like O365 support or other support to check if S/MIME signature configured correctly. If the certificate meet request. After this issue is fixed, we can try to deploy them via Intune to see if it is working.
Thanks for the understanding. have a nice day!
@Crystal-MSFT , do you know if i can move this same thread to the O365 support in order to maintain the comment history?. Thanks.
@Marcos Vázquez , Thanks for the reply. I understand it can be better to transfer directly. But after discussing with office engineer. I was told that outlook for mobile device needs to post the thread in the following location:
iPhone: https://answers.microsoft.com/en-us/msoffice/forum/msoffice_outlook-mso_imobile
Android: https://answers.microsoft.com/en-us/msoffice/forum/msoffice_outlook-mso_amobile
As they are not in our Q&A, I can't move it for you. You can post in the above forum and add our thread in the description to refer to.
Thanks for the understanding and have a nice day!
,