Yubico Forum

Hi all,

I have my certs loaded into slots 9c & 9d. Digital signing works just fine. However, when someone sends me an encrypted message I get the following error from Outlook 2016.

"Your digital ID name cannot be found by the underlying security system"

OS: Windows 10
Product: YubiKey NEO

I've no idea what Outlook 2016 does, or what Windows 10 does. With Outlook 2011 on Mac, encryption and decryption work fine.

Perhaps you should check your certificates to make sure everything matches expectations for Email Security/Key Encryption, like

• Key Usage
• Extended Key Usage
• DN
• Maybe SAN

It might be useful/helpful to look closely at your cert and at the offending email header, but that information would be privacy-sensitive, so I cannot suggest posting it here.

Also, Outlook may have problems with ECC keys and certs, in a weird way. Just so you are aware.

I have the same issue. Can only sign email but not able to read encrypted emails/replies. The properties of the certificate are all correct. Would be nice if Yubico can do more tests with Windows and Outlook as it is easy to reproduce the issue.

We've some testing with Outlook but with each new Update / Service pack Microsoft releases they change the behavior. They recently re-added Smart Card support into Outlook 2016 that had been removed in Outlook 2013. Until Microsoft stabilizes Outlook and the Office suite in which features they will support and continue to support, It maybe best to post on the appropriate Microsoft forums. Maybe this will gain enough traction on the Microsoft side to fix some of Outlooks shortcomings.

Best Regards,
Matthew
Yubico Support