I have a Windows Server 2008 R2 Machine and an Exchange 2010 Server on two seperate machines.
The WS2008R2 machine is configured with a certificate authority in which I have configured certificate autoenrollment.
The template I created contained client authentication and secure email.
I had the understanding that by adding the secure email certificate, that I would be able to send S/MIME encrypted email out of the box with any user (I also configured auto enrollment so the certificates get distributed automatically).
I could see the issued certificate by opening a mmc with the certificate snap-in on the client Windows 7 computer, but there wasn't an option to sign or encrypt an email in Outlook 2010 like I was suggesting (or better said, the way I know it from my work computer).
Did I forget to configure something or is this abnormal behaviour ??
My goal was to have the certificate distribution and integration in an automatic fashion, so that no manual administrative action has to be performed to send and receive encrypted mail.
Thanks for your help.
P.S.: The certificate template also included 'Smartcard logon' which I tested and this worked perfectly, so I am sure that the certificates are working.
Best Answer
you need to configure Outlook to use sign and/or encrypt outgoing mail messages. To automate this, you need to use Microsoft Office group policy templates: Office 2010 Administrative Template files (ADM, ADMX/ADML) and Office Customization Tool download