Export (0) Print
Expand All
This topic has not yet been rated - Rate this topic

Cannot verify sender's digital signatures when the sender's intermediate CA digital certificates do not provide authority information access and are not present in Local Computer certificate store of recipient's Exchange server

 

Topic Last Modified: 2005-05-19

The recipient's Exchange server validates the sender's digital signature by validating the full certificate chain of the sender's digital certificate. In addition to validating the digital certificate for the root CA, the recipient's Exchange server also validates any digital certificates for any intermediary CAs.

Issuing CAs can choose to make intermediary certificates available for download for validation by providing authority information access in the digital certificates that they issue. The recipient's Exchange server can then use the authority information access information when validating the sender's certificate chain on behalf of the recipient.

If the issuing CA does not provide authority information access, the recipient's Exchange server must have these certificates in the Intermediate Certification Authorities folder in the Local Computer certificate store of the recipient's Exchange server.

If a recipient views a message signed using a certificate that does not provide authority information access, and the recipient's Exchange server does not have the intermediate certificates present in the Intermediate Certification Authorities folder in the Local Computer certificate store of the recipient's Exchange server, Outlook Web Access displays the following error message:

The digital ID was issued by an untrusted source.

 
Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft. All rights reserved.