Hi, I've set up my own CA using OpenSSL. I suppose there are no known problems/mistakes in my CA setup. I could use the digital certificates issued by this CA to send secure e-mail and log in to intranet web sites (in my office) which require client authentication.

Now I have two e-mail accounts, suppose one is S and another one is W. S is using IE 5 with SP2 (but the Outlook Express version is 5.5 as reported by the application) while W is using IE 6. Both run on Microsoft Windows 2000 with SP2. S and W exchange their public certificates by sending a signed e-mail to one another. Then both reply with an encrypted e-mail using Outlook Express. W, which has IE 6, has no problem decrypting the encrypted e-mail sent by S. S, which has IE 5 SP2, could NOT decrypt the encrypted e-mail sent by W. The error message is:

Error Decrypting Message
You cannot read the message.
--------------------------------------------------------------------------------
This might be because:
o You may have lost or deleted the Digital ID that the message is encrypted to.
o You may have installed the Digital ID that the message is encrypted to on another computer.
o The sender may have meant the message for somebody else.
o You do not have the necessary security package installed on this computer.

I have the same problem on another machine which has IE 5.5 SP2 installed. Could someone please help me? The BIG problem is that both S and W have no problem decrypting e-mail when I use digital certificates issued by Thawte. I guess there may be something wrong with my CA setup. Please also find the openssl.cnf I use for my own CA. Thank you very much.

Angus Lee