Outlook 2010 "forgets" Encryption and Digital Signature preferences

Similar Messages

• Encryption and Digital signature in SAP

  Hi,
  We have a requirement to encrypt the payment data before it is sent to a Bank using SAP XI.We are planning to have a ABAP proxy which will do the encryption and hopefully attach a digital signature.We are working in SAPR/3 Enterprise edition.Does SAP supports doing  Encryption and digital signature in  ABAP.
  Thanks,
  Leo

  Hi Leo,
  have a look here:
  https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/com.sap.km.cm.docs/library/icc/secure store and forwarddigital signatures user guide.pdf
  regards Andreas

• GPO For Outlook Certificates Used For Encryption and Digital Signatures?

  How can we configure a group policy to distribute certificates to Outlook 2010 users so they can digitally sign and encrypt messages without requiring much effort on their end?
  The users will become confused and make mistakes if we ask them to follow instructions on how to download and import certificates into Outlook 2010 manually.  Can we automate this with Group Policy?

  Would a certificate "autoenrollment" GPO work for these types of certificates?
  Yes. Here's a good guide. The user will still need to choose to sign, or encrypt, unless you want to enforce that in some way. If you are sending signed or encrypted email outside of your AD, you will need to solve how the recipients will get your root cert,
  etc.
  http://davidmtechblog.blogspot.com.au/2013/06/exchange-2010-security-smime-part-1.html
  http://davidmtechblog.blogspot.com.au/2013/07/exchange-2010-security-smime-part-2.html
  http://davidmtechblog.blogspot.com.au/2013/07/exchange-2010-security-smime-part-3.html
  Don
  (Please take a moment to "Vote as Helpful" and/or "Mark as Answer", where applicable.
  This helps the community, keeps the forums tidy, and recognises useful contributions. Thanks!)

• Files encrypted and digital signed with cFolders

  Dear all,
  Currently I'm involved on a PPS project with cFolders. This project has legal requirements that consist in implementing encryption and digital signature in files which will be uploaded to cFolders. I've been searching on SAP Help, SDN and Service Marketplace about APIs to work with cFolders with encryption and digital signatures, but I didn't find related documents. It seems there is no documentation regarding such scenarios...
  Anyone has experience in cFolders with files encrypted and digital signed?
  Thanks in advance & regards,
  Ricardo.

  Hi Federico
  If I understood your solution you are signing your documents in a Webservice provided from a CA. For that youu2019ve created an RFC dest type G over ssl (https) and used the class CL_HTTP_CLIENT. So your requirement is only to sign documents, right?
  Well my scenario seems a little bit different as Iu2019ve to encrypt the file and also sign it. The signature is done on useru2019s laptop trough a smartcard (hardware device connected via USB that reads the chip the certificate assigned to our identity card) and cannot be signed from other entity than the user itself.
  Did you explore the PGP alternative? cFolders supports this kind of files (*.pgp). The PGP (Pretty Good Privacy) is a popular program used to encrypt and decrypt files, e-mails, etc.
  Today I installed a trial version of a PGP tool. I tested the encryption/signature with files on my desktop and it works fine. I tested a Public Key scenario where the owner publishes his PK in cFolders and the requester gets this PK in cFolders as well. The requester now can encrypt documents and upload them to cFolders with the public key provided by the owner; the owner itself has the private key to open the encrypted file (extension .pgp) after upload. But over the encrypted file the requester must sign it with his private key (another certificate) provided by a CA and here starts the second challenge...
  In cFolders after the file upload the system should gets the requester digital signature and sends it to CA for validation, only after that we know if the requester is a trusted partner or not. To do this we are thinking to use a Webservice provided by the CA, however I don't know how to extract/get the signature in the file encrypted/signed from PGP and uploaded to cFolders.
  Do you have any idea?
  Thanks & regards,
  Ricardo.

• Outlook 2013 won't auto-save emails if encryption or digital signature is enabled.

  In Outlook 2013, I recently noticed that although I have Autosave enabled, I never get drafts autosaved. The option is located in File > Options > Mail > "Save Messages" section > "[ ] Automatically save items that have not been
  sent after this many minutes [3]."
  Experimenting with why I have lost 2 long emails after system crashes, I discovered that Outlook 2013 will
  only automatically save emails if the Encrypt and Sign buttons are turned off. By default, I enable both in our corporate environment. So I never benefit from auto-save. I've changed the Autosave location and tested various other settings to
  no avail. But Autosave always works fine if there's no digital signature or encryption enabled.
  Has anyone else encountered this? Is this a bug?

  Hi,
  I just tested on my Outlook 2013 and experienced exactly the same.
  This is pretty much by design, actually you may find you are even unable to manually save these emails as drafts if encryption or digital signature is enabled.  I can also confirm some email service providers don't allow saving Encrypted Emails
  as drafts either, so this is not a bug but how it works in Outlook.
  Regards,
  Melon Chen
  TechNet Community Support

• Outlook Pro 2013 Crashes On Send After Checking ENCRYPTION and DIGITAL SIGNING

  I bought and imported a Digital ID today. After doing so I went in and checked the boxes in TRUST CENTER to allow for ENCRYPTION and DIGITAL SIGNING. After doing so, every time I hit SEND on my emails, it sits, spins, sits, and never recovers. The application
  hang error is below. Please note that the SOFTWARE PROTECTION SERVICE seems to stop working in EVENT VIEWER as well before each app hang.
  If I go in, UNCHECK those security settings, and reopen OUTLOOK, all is well.
  OUTLOOK EVENT LOG
  Log Name:      Application
  Source:        Application Hang
  Date:          6/10/2013 1:05:22 PM
  Event ID:      1002
  Task Category: (101)
  Level:         Error
  Keywords:      Classic
  User:          N/A
  Computer:      MS-Home
  Description:
  The program OUTLOOK.EXE version 15.0.4505.1002 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
   Process ID: 2138
   Start Time: 01ce65fb8d98576a
   Termination Time: 16
   Application Path: C:\Program Files\Microsoft Office\Office15\OUTLOOK.EXE
   Report Id: e9ecd5fa-d1ef-11e2-be85-6045bdde9c2f
   Faulting package full name:
   Faulting package-relative application ID:
  Event Xml:
    <System>
      <Provider Name="Application Hang" />
      <EventID Qualifiers="0">1002</EventID>
      <Level>2</Level>
      <Task>101</Task>
      <Keywords>0x80000000000000</Keywords>
      <TimeCreated SystemTime="2013-06-10T17:05:22.000000000Z" />
      <EventRecordID>8066</EventRecordID>
      <Channel>Application</Channel>
      <Computer>MS-Home</Computer>
      <Security />
    </System>
    <EventData>
      <Data>OUTLOOK.EXE</Data>
      <Data>15.0.4505.1002</Data>
      <Data>2138</Data>
      <Data>01ce65fb8d98576a</Data>
      <Data>16</Data>
      <Data>C:\Program Files\Microsoft Office\Office15\OUTLOOK.EXE</Data>
      <Data>e9ecd5fa-d1ef-11e2-be85-6045bdde9c2f</Data>
      <Data>
      </Data>
      <Data>
      </Data>
      <Binary>430072006F00730073002D00700072006F00630065007300730000000000</Binary>
    </EventData>
  </Event>

  Run Outlook with safe mode to check the result. ("Outlook.exe /safe")
  Create a new Outlook profile to test that.
  How to use ADPlus.vbs to troubleshoot "hangs" and "crashes"
  http://support.microsoft.com/kb/286350
  Tony Chen
  TechNet Community Support

• Encrypting a digital signature

  Hi,
  I have a problem, I'm trying to encrypt a digital signature (SHA1withRSA) using symmetric encryption (Rijndael). But when I decrypt the signature bytes and verify the signature I get the message that the signature is not ok, even though I know it is.
  Does anybody know what's the problem?

  Hi floersh
  Thanks for answering.
  I'm sending you the code which I use, the functions and the main method.
  Please, if you have the time give it a look.
  Running the code I noticed that :
  1) The message digest is 20-bytes long
  2) The signature is 128-bytes long
  3) The encrypted signature is 32-bytes long
  4) The decrypted ciphertext (signature) is 16-bytes long
  And I also noticed that the decrypted signature bytes are the same with the 16 last bytes of the original signature.
  As you can see I'm using SHA1withRSA to create and verify the signature, where the public and private keys are 1024-bits long, and the Rijdael (192-bits key)cipher, with CBC and PKCS5Padding, for symmetric encryption and decryption. I have also tried to use Rijndael with ECB and PKCS5Padding and still doesn't work, and Rijndael with ECB and NoPadding where I get a BadPadding exception.
  I look forward for your reply.
  public static void generateAndLockKeys(String publicKeyFilename,String privateKeyFilename) throws Exception{
  KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
  keyPairGenerator.initialize(1024);
  KeyPair keyPair = keyPairGenerator.genKeyPair();
  byte[] publicKeyBytes = keyPair.getPublic().getEncoded();
  FileOutputStream fos = new FileOutputStream(publicKeyFilename);
  fos.write(publicKeyBytes);
  fos.close();
  byte[] privateKeyBytes = keyPair.getPrivate().getEncoded();
  fos = new FileOutputStream(privateKeyFilename);
  fos.write(privateKeyBytes);
  fos.close();
  public static PrivateKey getPrivateKey(String privateKeyFilename, String password) throws Exception{
  FileInputStream fis = new FileInputStream(privateKeyFilename);
  ByteArrayOutputStream baos = new ByteArrayOutputStream();
  int theByte = 0;
  while ((theByte = fis.read())!= -1)
  baos.write(theByte);
  fis.close();
  byte[] keyBytes = baos.toByteArray();
  baos.close();
  PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(keyBytes);
  KeyFactory keyFactory = KeyFactory.getInstance("RSA");
  PrivateKey privateKey = keyFactory.generatePrivate(keySpec);
  return privateKey;
  public static PublicKey getPublicKey( String publicKeyFilename) throws Exception{
  FileInputStream fis = new FileInputStream(publicKeyFilename);
  ByteArrayOutputStream baos = new ByteArrayOutputStream();
  int theByte = 0;
  while ((theByte = fis.read())!= -1)
  baos.write(theByte);
  fis.close();
  byte[] keyBytes = baos.toByteArray();
  baos.close();
  X509EncodedKeySpec keySpec = new X509EncodedKeySpec(keyBytes);
  KeyFactory keyFactory = KeyFactory.getInstance("RSA");
  PublicKey publicKey = keyFactory.generatePublic(keySpec);
  return publicKey;
  public static boolean checkSignature( PublicKey publicKey, byte[] plaintext, byte[] signedtext) throws Exception{
  Signature signature = Signature.getInstance("SHA1withRSA");
  signature.initVerify(publicKey);
  signature.update(plaintext);
  boolean authorized = false;
  authorized = signature.verify(signedtext);
  return authorized;
  public static byte[] signWithSHAAndRSA(byte[] plaintext, PrivateKey privateKey) throws Exception{
  Signature signature = Signature.getInstance("SHA1withRSA");
  signature.initSign(privateKey);
  signature.update(plaintext);
  byte[] signedBytes = signature.sign();
  return signedBytes;
  public static byte[] encryptWithAES(byte[] plaintext, Key key, byte[] iv) throws Exception{
  Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
  IvParameterSpec spec = new IvParameterSpec(iv);
  cipher.init(Cipher.ENCRYPT_MODE, key,spec);
  cipher.update(plaintext);
  byte[] ciphertext = cipher.doFinal();
  return ciphertext;
  public static byte[] decryptWithAESKey (Key AESKey, byte[] ciphertext, byte[] iv) throws Exception{
  Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
  IvParameterSpec spec = new IvParameterSpec(iv);
  cipher.init(Cipher.DECRYPT_MODE,AESKey,spec);
  byte[] decryptedText = cipher.doFinal(ciphertext);
  return decryptedText;
  public static Key generateAESKey() throws Exception {
  KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
  keyGenerator.init(192);
  Key key = keyGenerator.generateKey();
  return key;
  public static byte[] initAndReturnIV(){
  SecureRandom random = new SecureRandom();
  byte[] iv = new byte[16];
  random.nextBytes(iv);
  return iv;
  public static void main(String[] args) throws Exception{
  Security.addProvider(new BouncyCastleProvider());
  try {
  generateAndLockKeys(System.getProperty("user.dir") + System.getProperty("file.separator") +
  "PublicKey",System.getProperty("user.dir")
  + System.getProperty("file.separator") +"PrivateKey");
  } catch (Exception e) {}
  Key AESKey= generateAESKey();
  byte[] iv = initAndReturnIV();
  byte[] array2 = signWithSHAAndRSA("Hello".getBytes("UTF8"),getPrivateKey(System.getProperty("user.dir")
  + System.getProperty("file.separator") +"PrivateKey"));
  byte[] he = encryptWithAES(array2,AESKey,iv);
  byte[] hd = decryptWithAESKey(AESKey,he,iv);
  boolean ok = checkSignature(getPublicKey(System.getProperty("user.dir") + System.getProperty("file.separator") +
  "PublicKey"),"Hello".getBytes("UTF8"),hd);
  }

• Outlook 2010 - can you add multiple signatures to a single email?

  Basically using 2 or 3 signatures to create a quick email?  By adding a 2nd or 3rd signature to a new email.  I can't get this to work like it did in 2007.
  Thank you for any help.

  Hi,
  Thank you for using Outlook IT Pro Discussions forum. 
  We can certainly add multiple signatures to a new email.
  In Outlook 2010, click
  File > Options > Mail > Signature. We can add multiple signatures there, and set a default signature.
  After that, when we compose an email, click the
  Insert tab, click Signature in the
  Include group, we can choose other signatures.
  If you encounter any problems when trying to add the signatures, please let me know.
  Best Regards,
  Sally Tang

• Adobe Interactive Forms and Digital Signature

  Adobe Interactive Forms and Digital Signature
  Hi, I’ve a question if it works to digital sign interactive PDF documents created by an SAP BPM System? So is it possible just to sign the content, and not the interactive components like layout and buttons e.g.?
  Thanks for your help.
  Regards,
  Tobi

  serverside or at the client??

• Mail missing Encrypt and Digitally Sign buttons

  I don't have the option of encrypting or digitally signing any e-mails I compose in Mail. I have a valid security certificate in my Keychain Access, as well as valid certificates for my contacts. I can't find an option to show/add the encrypt and digitally sign buttons either.
  When composing a new message, the drop down box next to the subject line only gives the following options:
  CC field
  BCC field
  Reply-to address field
  Priority field
  Customize...
  I know where these two buttons should be and what they look like, but they're just not there. Any ideas or suggestions?

  I finally have a solution to this problem. I had been trying to use a .cer security certificate issued by Comodo, it had worked just fine on Windows but my Mac didn't seem to like it. I also tried creating my own certificate through OSX, but even after I created it I still couldn't see the buttons.
  I had someone direct me to this webpage which ultimately helped me fix the problem:
  http://allforces.com/2007/03/02/email-security/
  I ended up using Thawte to issue me another security certificate (this time it was an x.509 file), the security certificate automatically opened in Keychain Access and downloaded to the Certificates and My Certificates folder. Once I shutdown Mail and restarted it I had the buttons for both encryption and digitally signed. Of course the encryption button is still greyed out because it is a new certificate and I need to make sure my Address Book contacts have a copy of it before I can encrypt.

• Archiving options for Outlook 2010/2013 Home and Business?

  Hi all,
  Forgive me if this is covered already (I am sure it would be somewhere but I could not find a definitive answer).  We are looking at migrating from Google Apps to Exchange and I am trying to cost it all up and have a question in relation to archiving.
  Our 450 users are not akin to archiving, given their gmail limits, they are just used to keeping everything, however with exchange that will have to change as we are going to host it locally.
  The question I have is what archiving options are available to me given that all our office installations are Home and Business 2010/2013?  I have read the compatibility matrix which says outlook in this product does not support in-place archiving.
  To test this I created an in-place archive for my account (outlook 2010 H&B) and when I re-open outlook I get my archive mailbox showing up.
  I have not yet tested the mailbox retention policies and such like but I thought I would just ask as to what options would be available to me given this situation?
  Given that my archive is now showing in outlook, what has caused that to happen? I would have thought that if it was not supported that it would not have shown up at all?  Can someone explain what functionality will not work and what will?
  If we have to buy new copies of outlook for all our clients it just adds to the cost that I suspect will kill the move and management will say that we can stay on gmail.
  Thanks for any direction you may have.

  I understand that it is not supported, I was just commenting that It appeared to work in the tests that I had done and I was curious as to why
  Aaron would you mind to share your findings on this if any! We are in the same situation as you were.
  I have activated Online Archiving (on-premises) feature for 3 accounts on our Exchange 2010 and set them up with Retention Policy which Move to archive items aged more than 6 months and all works fine and old Items automatically being moved to Online Archive
  mailbox which just appeared after enabling this on server for above 3 accounts.
  The server is Exchange 2010 and clients are Outlook H&B 2013 which comes with DELL systems.
  We already purchased Enterprise Licenses as well and have access to Microsoft Download pages to get Outlook 2013.
  But since above is working just fine, we really would like to know, if we don't install Outlook 2013 and activate it with that license what in fact we are missing in terms of functionalities regarding Online Archiving!
  Really looking forward to hear back from you or anybody who can clear the confusion.
  Thanks for assistance!

• General Question about how to encrypt-decrypt and Digital signatures

  Hi,
  We're developing classes for encrypting and signing a txt message and for decrypting and validating the signature of the message. Everything works properly but I have several questions, they're not about code:
  1st We're encrypting the message following this way:
  -generating a number which is gonna be the password
  -encrypting the message in AES with this password
  -encrypting the with the public certificate of the receiver the password
  -We pack everything, encrypted message+ encrypted password in a File with public key of the receiver.
  The questions we have for this issue are:
  -Is it okay? or can I do it more efficiently.
  -is it a standard for developing encrypting software? We've followed java api tutorials
  -Can we decrypt this message using comercial software? it just plain text(of course if we have the private key)
  2nd We take this message and we sign it with our private key
  -We use CMS classes from bouncycastle libraries
  The questions we have for this issue are:
  - How can I check , with comercial software, whether this message is signed ok and is valid.
  - How can I know whether this way of signing is in compliance with PKCS7-CMS standard?
  Thanks in advance
  if you need more information ask me

  The file multiscreen.html apepars to do the following:
  It tests if the browser is running on a "hand held device".
     This means it looks to see if the device name includes:
            "blackberry","android","iphone","ipad","symbian","smartphone","ios","windows ce","webos"
  If the answer is Hand-held then the HTML5 published module is loaded. Otherwise it loads swf.
  I can see no check that Flash player is loaded before making the choice, nor does it check the compatability of the HTML5 on the "hand held" device. In other  words it isn't very "smart"

• Email attachments and digital signature

  I used to be able to open a email attachment, review it and then digitally sign it.
  Since the new IT people came it, the digital signature simply disappears. Any way to restore this function? Thanks.

  We experienced a similar problem when Adobe updates were installed. It seems that a recent Adobe update took away the capability to save your digital signature directly to the PDF email attachment, then forward the email with the signed attachment. Now, when we open a PDF email attachment and place a digital signature, as soon as we have entered our password for our digital signature, we are prompted with the "Save As" dialog box asking us to save the document somewhere on the hard drive of our computer (the default location is My Documents). If you hit Cancel, then the signed version does not get saved. The attachment remains unsigned. So we learned we needed to go through the Save As dialog and choose (and remember) a location to save the PDF, such as My Documents or Desktop, then reply or compose a new email and attach the signed version that we had just saved in Documents/Desktop. We used to be able to hit the Save icon in Adobe and save our changes (digital signature) to the email attachment. Having to save the PDF somewhere other than the email itself is an extra step we'd prefer to avoid, and we'd be happy to learn of a way to go back to our old method. I believe the key was that Adobe would save the signed version somewhere in the "temp files" on the C drive and automatically use that version when the email is forwarded. And I think Adobe did away with that, unless there is a way to revert to that method using Preferences?
  But I wonder if the Asker of this question is able to click "Place Signature" and has an opportunity to "Save As," saving the PDF on the hard drive of the computer for future attaching? Are you hitting "Cancel" in the Save As dialog?
  If you save the signed PDF (i.e. in the default My Documents), then a slightly quicker method than having to browse to the saved document in Documents is, you can click on the envelope icon (Sharing) at the top of the screen. Then click the "Attach to Email" circle and click the "Attach" button. This will generate a new email in your email application (i.e. Outlook) with the signed PDF attached (Adobe pulls the signed version that you previously saved to your Documents). The downside to this is that the generated email will not have the original email thread or subject line, so you will need to add a relevant subject line.
  Some of our users reported that they used the Share ... Attach to Email feature and their signatures would get wiped from the email attachment after they hit send. However, this phenomenon has not been witnessed since the most recent Adobe software update.

• How to remove encryption in digital signature

  How to remove the encryption in the digital signatur
  I sign document and signature encrypt document hence not allowing future amendments.  How to remove encryption ??

  Thanks George for the help, I managed to create my own ID using your
  approach, Advanced > Security Settings > Digital IDs > add ID, but when I
  signed it with the PDF of my signature, it is showed as my name in Typing
  such as "XXX YY", instead of the handwritten form. I managed to use the
  same PDF of my signature (signed and converted to PDF) last week when I
  used the Pro 9, how can I attach my signature the same way in handwritten
  form instead of being convered to "XXX YY" and appears "digitally signed"
  Thanks again.

• Security Issues: SSL on SOAP Adapter and Digital Signature in BPM

  Hi there,
  we're developing a R/3-XI-3rd Party Application scenario, where the XI/3rd Party communication is based on a webservice (SOAP adapter with SSL). Also, the messages in the XI/3rd Party communication must be digitally signed. I've got some questions on both subjects.
  1. About the SSL. I've started to investigate what will be necessary to enable the HTTPS option under SOAP Adapter (it's not enabled now). If I'm not correct, all I need to do is:
  - check whether the SAP Java Crypto Lib is installed in the Web AS;
  - generate the certificate request in the Visual Administrator and, after acquiring the certificate, store it with the KeyStorage option.
  Is that right?
  I'm considering that I won't need to use SSL in the ABAP Web AS, only the J2EE Java Engine (since the SOAP Adapter is based on J2EE).
  2. About the digital signature. As a first solution, we had decided on accessing a webservice based on another machine running a signature application. We'd send the unsigned XML and receive a signed XML. But since that needed to be done into the BPM, I thought that using a piece of Java code in a mapping would suit it better.
  But to be able to use the hashing/encrypting/encoding algorithms, which library needs to be installed? Is it the same SAP Java Crypto Lib that was installed for the SSL enabling?
  Thanks in advance!

  Hello Henrique,
  1. You're right. For detailed instructions please have a look at the online help: http://help.sap.com/nw04 - Security - Network and Transport Layer Security - Transport Layer Security on the SAP J2EE Engine
  2. The SOAP adapter supports security profiles. Please have a look at the online docu http://help.sap.com/nw04 -Process Integration - SAP Exchange Infrastructure - Runtime - Connectivty - Adapters - SOPA Adapter - Configuring the Sender SOAP adapter and from the link under Security Parameters to the Sender Agreement. You'll find some additional information in the following document: http://service.sap.com/~sapdownload/011000358700002767992005E/HowToMLSXI30_02_final.pdf
  Rgds.,
  Andreas