Sending Signed Emails from Windows Live Mail

168 words.

For the longest time, I couldn’t figure out how to send digitally signed emails in Windows Live Mail (or Windows Mail) in Vista.  Both consistently reported, “The message could not be sent. An error has occurred.”

There was no other information in any log file I could find, and Google was no help at all.  This happened with free certificates from StartSSL, Thawte and homegrown OpenSSL certificates.

I finally figured out the reason:  The certificates only contained public keys.  (In other words, I imported them wrong.)  If you import and use password-protected PKCS#12 files - the ones that contain both a public and private key (as opposed to .crt or .cer files) - WLM and WM will then send signed emails correctly.

In the screenshot below, you can see that the correctly-imported StartCom certificate has a little key in the upper left corner, whereas the incorrectly-imported Thawte certificate doesn’t.  The first will work, the second won’t.

image
 

Would have been nice if Microsoft’s error message had told me that…

This page is a static archival copy of what was originally a WordPress post. It was converted from HTML to Markdown format before being built by Hugo. There may be formatting problems that I haven't addressed yet. There may be problems with missing or mangled images that I haven't fixed yet. There may have been comments on the original post, which I have archived, but I haven't quite worked out how to show them on the new site.

Sorry, new comments are disabled on older posts. This helps reduce spam. Active commenting almost always occurs within a day or two of new posts.