UW Digital ID (Mac) - Mail.app - What to do when recipient cannot read your digitally signed and/or encrypted email.

Mail.app - What to do when recipient cannot read your digitally signed and/or encrypted email.

Note: If there is no digital certificate installed on the computer, Mail.app cannnot send a signed or encrypted S/MIME message. 


"Unable to verify message signature"

Unable_Verify_Sign.gif

There are several reasons this can occur:

  • If the sender's email address does not match the email address contained in the digital signature.
  • The message may have been forged, or was tampered with, or was corrupted.
  • It can also occur if the signing certificate is not "trusted".


"Unable to decrypt message"

Decrypt_Error.gif

There are several reasons this can occur:

  • If the sender's public key is not in your Keychain. ( How do I receive someone's public key? - Answer: Exchange signed emails)
  • Also, when you receive an encrypted email select it and Mac will ask you for permission to give Mail.app access to use the private key in your Keychain to decrypt the email.  Click "Allow".

key_chain_access.gif
  • If you deny Mail.app the permission to use the private key, or the private key is not in your Keychain you will see the "Unable to decrypt message" error.


Mail.app Default Behavior:
After you have sent an encrypted email to someone.
Mail.app attempts to send all following emails as encrypted (but only if you have a public key for the recipient in Keychain) unless you specifically un-click the encryption security option (padlock icon) before sending.
After, un-selecting the encryption option it will not send any following emails as encrypted until you specifically select encryption again.


Security Controls:

security_both_grayed_out.gif
No Security Available.  It cannot be signed or encrypted because there no certificates installed for the sender or recipients.

Cannot_Encrypt.gif
Encryption Unavailable / Signed only.  It cannot be encrypted because the certificate for one or more of the recipients is not known.

Signed_Only.gif
Signed Only.

Encrypt_Only.gif
Encrypted Only.

Sign_and_Encrypt.gif
Signed and Encrypted.

No_Security.gif
No Security Enabled.  Click on respective icon to activate.

See Also:




Keywords:PKI Digital Certificate UW Digital ID recipient cannot read your digitally sign signed and/or encrypt encrypted email mac mail unable to verify message signature unable to decrypt message   Doc ID:18333
Owner:Steven T.Group:UW Digital ID
Created:2011-04-27 19:00 CDTUpdated:2014-12-17 09:14 CDT
Sites:Access Management Services, DoIT Help Desk, DoIT Tech Store, UW Digital ID
Feedback:  2   2