• RSS
  • Twitter
  • FaceBook

Exchange Server Forums

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Setup of OWA S/MIME in Exchange 2013 SP1

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [Microsoft Exchange 2013] >> Secure Messaging >> Setup of OWA S/MIME in Exchange 2013 SP1 Page: [1]
Login
Message << Older Topic   Newer Topic >>
Setup of OWA S/MIME in Exchange 2013 SP1 - 1.Jun.2016 2:10:36 PM   
ehans67

 

Posts: 1
Joined: 1.Jun.2016
Status: offline
I'm in the process of migrated my users from Exchange 2010 SP3 to Exchange 2013 SP1 and have come across a problem with the S/MIME configuration. I have followed the technet articles regarding S/MIME configuration and have an in house CA, setup the virtual certificates repository and have valid user certificates. I followed the below articles:

https://technet.microsoft.com/en-us/library/dn554259%28v=exchg.160%29.aspx

https://technet.microsoft.com/en-us/library/dn626158(v=exchg.150).aspx

https://technet.microsoft.com/en-us/library/dn626155(v=exchg.150).aspx

I currently have 2 users mailboxes on this exchange server. Both have valid "User" certificates but for some reason only 1 is able send encrypted email, but both are able read encrypted email. I'm not sure if it is a permissions issue or not but my Admin mailbox which was created during installation is the one that is able to both send/receive encrypted emails and my user mailbox can only read encrypted emails.

Both accounts S/MIME settings shows that I have the latest S/MIME version installed 4.0500.15.0.1178.4

I began looking into Set-SMIMEConfig -OWAEncryptionAlgorithms from the below URL hoping this would help. Initially the OWAEncryptionAlgorithm is only set to "6610" but I was unsure what encryption algorithm my User certificate uses so I added all the possible encryption algorithms with no luck.

https://www.granikos.eu/en/justcantgetenough/PostId/178/the-mysterious-exchange-smimeconfig-algorithms

At this point my main "User" account is unable to encrypt or sign emails. The options to Encrypt or Digitally Sign the emails under Message options are grayed out so I can't even select the options. If I go to Gear Icon-->S/MIME Settings and check all 3 options and save it my messages still do not go out encrypted.

I'm really stumped on this one right now. Any ideas? Everything worked fine on my Exchange 2010 setup.

Below is my Get-SMIMEConfig, anyone see anything wrong with this?

[PS] C:\Windows\system32>get-smimeconfig


RunspaceId : fadaa926-249c-4e89-b6b9-65e6e14119c4
OWACheckCRLOnSend : False
OWADLExpansionTimeout : 60000
OWAUseSecondaryProxiesWhenFindingCertificates : True
OWACRLConnectionTimeout : 60000
OWACRLRetrievalTimeout : 10000
OWADisableCRLCheck : False
OWAAlwaysSign : False
OWAAlwaysEncrypt : False
OWAClearSign : True
OWAIncludeCertificateChainWithoutRootCertificate : False
OWAIncludeCertificateChainAndRootCertificate : False
OWAEncryptTemporaryBuffers : True
OWASignedEmailCertificateInclusion : True
OWABCCEncryptedEmailForking : 0
OWAIncludeSMIMECapabilitiesInMessage : True
OWACopyRecipientHeaders : False
OWAOnlyUseSmartCard : False
OWATripleWrapSignedEncryptedMail : False
OWAUseKeyIdentifier : False
OWAEncryptionAlgorithms : 6602:40;6602:56;6602:64;6602:128;6601;6603;660E;660F;6610
OWASigningAlgorithms : 8804
OWAForceSMIMEClientUpgrade : True
OWASenderCertificateAttributesToDisplay :
OWAAllowUserChoiceOfSigningCertificate : True
SMIMECertificateIssuingCA : {0, 0, 0, 0, 67, 69, 82, 84, 4, 0, 0, 0, 1, 0, 0, 0...}
SMIMECertificatesExpiryDate : 11/23/2018 1:24:50 PM
SMIMEExpiredCertificateThumbprint : THUMBPRINT DATA
AdminDisplayName :
ExchangeVersion : 0.1 (8.0.535.0)
Name : Smime Configuration
DistinguishedName : CN=Smime Configuration,CN=Global Settings,CN=DOMAIN,CN=Microsoft
Exchange,CN=Services,CN=Configuration,DC=DOMAIN,DC=int
Identity : Smime Configuration
Guid : ff4344dd-148e-4b24-95e0-ee97424245ae
ObjectCategory : DOMAIN.int/Configuration/Schema/ms-Exch-Container
ObjectClass : {top, container, msExchContainer}
WhenChanged : 6/1/2016 11:29:50 AM
WhenCreated : 5/25/2016 10:27:18 AM
WhenChangedUTC : 6/1/2016 3:29:50 PM
WhenCreatedUTC : 5/25/2016 2:27:18 PM
OrganizationId :
Id : Smime Configuration
OriginatingServer : DC.DOMAIN.int
IsValid : True
ObjectState : Unchanged
Post #: 1

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [Microsoft Exchange 2013] >> Secure Messaging >> Setup of OWA S/MIME in Exchange 2013 SP1 Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts


Follow TechGenix on Twitter