Digitally signed email does not display when using Microsoft Outlook Web Access (OWA)
Originally Published: 2005-12-30
Article Number
Applies To
RSA Certificate Manager
Microsoft Outlook Web Access (OWA)
Issue
"The contents of this message can't be displayed because the message is encrypted or digitally signed." is displayed when trying to view digitally signed email with OWA
Digitally signed email is displayed with "encrypted message" icon
"Send this message as clear text signed" is unchecked
Opaque signed message
Cause
Resolution
1. Click Tools > Options > Security tab
2. Check "Send clear text signed message when sending signed messages"
This ensures that when you click the "Digitally Signed Message" icon, it will send it by default as clear text.
There are 2 ways that you can send a digitally signed message: opaque, and clear signed:
1. Sending opaquely means that the entire message (its full contents and the digital signature 'blob') are all collected and processed into one huge MIME chunk that basically forms the message contents when it's sent out. Receiving clients (like Outlook) that know how to handle S/MIME messages can then extract the actual message and digital signature blob, validate it, and display the message to the user. Receiving agents that don't know how to handle S/MIME will just display a blank message with an attachment.
2. Sending a message clear text signed means the entire message contents are sent as plain-text, and the digital signature part is just appended to the end of the message as an attachment. In this way, any email client can still read the message even if it doesn't support S/MIME since the message is in plain text (even though it still cannot validate the signature). S/MIME-capable clients can still go through the additional work of checking the message contents and comparing with the digital signature attachment to verify its validity.
In Outlook, when you check "Send this message as clear text signed", you're choosing clear signed and assuring the greatest compatibility with all other clients, which is preferred. When you deselect it, you're choosing opaque signing, and many people may not be able to read your messages. (The advantage of opaque signing is that the message is less likely to be altered by servers on the way to its destination. Some servers, in an effort to be 'smart,' will snoop through a message and quietly and subtly change/convert its contents, thus invalidating the signature. Opaque signing is one way of preventing this.)
NOTE: All versions of Outlook Web Access will allow reading of clear text signed messages, but only one will allow reading of opaque signed messages.
Refer to Exchange S/MIME Support in Exchange 2003 for compatibility.
Related Articles
Microsoft Outlook on the Web 2016 - RSA Ready SecurID Access Implementation Guide Number of Views Microsoft Outlook Web Access 2013 - SecurID Access Implementation Guide Number of Views ZPE Nodegrid 4.1 - Configure User sign in Configuration - RSA Ready SecurID Access Implementation Guide Number of Views RSA Announces the Release of RSA MFA Agent 1.2.1 for Microsoft Windows Number of Views RSA Announces RSA Authentication Agent 8.0.1 for Web for IIS 7.5 8.0 and 8.5 Number of Views
Trending Articles
Oracle 12c TEMP_UNDO_ENABLED parameter for managing GTT UNDO activity in RSA Identity Governance & Lifecycle RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide Unable to attach a replica instance due to a configuration error when enabling replication for the RADIUS server for RSA A… RSA Authentication Manager 8.7 SP2 Setup and Configuration Guide Troubleshooting AFX Connector issues in RSA Identity Governance & Lifecycle
Don't see what you're looking for?
