Mail encryption failure

The "Mail Encryption Failure" dialog box appears when you want to encrypt an outgoing mail message and HCL Notes® can't find the recipient's certificate to encrypt the message.

In order for you to encrypt outgoing messages, Notes® needs the public key contained in the certificate of the recipient. This ensures that only the rightful receiver can decrypt the message. Notes® looks for the public key in public directories listed in the mail search path.

There are a few ways to get a recipient's certificate in order to encrypt outgoing mail:

  • For mail sent within a HCL Domino® domain, ask the person to mail you their certificate. Once you have his or her certificate you can send that person encrypted mail.
  • If you work offline often and cannot access the Domino® Directory when you send mail, select the recipient's person record in the Domino® Directory, then click the action button "Copy to Contacts" on the action bar. This makes a contact record for the recipient, with attached certificate, into your Contacts. Next time you send mail to that person, Notes® can encrypt the message using the public key in the certificate. Note this action puts both Notes® and Internet certificates into your Contacts contact.
  • For mail sent over the Internet, you can open a signed message from the recipient (a signed mail message always has the sender's certificates attached to it), then choose Actions > Tools > Add Sender to Contacts. This puts the certificate(s) that was attached to the mail message into your Contacts. Next time you send mail to that person, Notes® can encrypt the message using the public key in the certificate if the certificate is enabled for encryption.
  • Click File > Security > User Security (Macintosh OS X users: Notes > Security > User Security), click Identity of Others, select "Research name in directory and in your address book," enter the person's name in the "Internet email or Notes® name" field, then click the "Research name" button to locate certificates in various address books. From here you can trust a certificate, which creates a contact record for the recipient, including any attached certificates, in your Contacts.

To not encrypt mail messages that you send, choose File > Security > User Security (Macintosh OS X users: Notes > Security > User Security), click Mail, and then deselect "Encrypt mail that you send" under "Security options that apply to all Notes® mail."

Disabling mail encryption and signature warnings

If you are not concerned about encryption or signature failures on your mail messages, you can tell Notes® to not prompt you when it cannot encrypt a mail message or verify a signature.

  1. Click File > Security > User Security (Macintosh OS X users: Notes > Security > User Security), click Mail, and then click the "Encryption and Signature Warnings" button.
  2. Select "Don't warn me whenever mail encryption fails, or whenever incoming mail has an unverified signature" to disable all security warnings for encryption and signatures.
  3. Select "Don't check the trustworthiness of other people's certificates or warn me about trust problems" to disable security trust warnings for encryption and signatures for Internet-style Notes® mail (S/MIME).