Jul 14 2020 02:13 AM
Hi,
I hop this is correct forum.
User has two SMIME certificate. When sending email he can chose with which certificate will he sign the email.
Under OWA I don see this option.
Under S/MIME user setting is option „Automatically choose the best certificate for digital signing“ is grey out.
I did set : set-Smimeconfig -OWAAllowUserChoiceOfSigningCertificate $true
I is almost 24h hours, but option is grayed out in OWA under SMIME config.
What is strange in OWA :
User has a group that he can send as User@domainB.com
When he send sign email as User@domainA.com certificate is always User@domainB.com and it shows no error.
Ignore in picture other options, because I do not have SMIME certificate.
BR,
Satne
Sep 16 2020 06:19 PM
I am in the exact same boat! While I can uncheck the automatic option, nothing I chose seems to work. If my user's email address or (proxy addresses) match their certificate, the automatic configuration works, however, nothing else seems to.
If you have a user where the certificate Subject Alternative Name does not match the users email address or any of their proxy-addresses, then you can not select a certificate. (While, Outlook with a quick change will allow this all day long. So thankfully that still works.)
I have thought maybe the following items would help:
-OWASenderCertificateAttributesToDisplay
-OWAUseSecondaryProxiesWhenFindingCertificates
The real problem is I can not figure out what the right values for OWASenderCertificateAttributesToDisplay actually are!
and I think the second setting (OWAUseSecondaryProxiesWhenFindingCertificates) is not compatible with it in the first place. (Please note this is only a theory)
I am at my Wits end!
If anyone could give me a clue as to the right value for OWASenderCertificateAttributesToDisplay, I will forever be in your debt.