4

I have an Exchange 2013 environment that I'm trying to implement S/MIME with smart cards. To the best of my knowledge, and the little help I have received on TechNet, I have configured my Exchange server correctly. I have installed the S/MIME controls on a Windows computer, I am able to log into OWA with a smart card, but when I try to sign an email or tell OWA which certificate to choose for digital signatures, nothing happens.

Has anyone successfully signed or encrypted an email using a smart card with OWA 2013, or have any ideas about what might be causing this problem?

HopelessN00b
  • Is anything logged to the Windows Event logs when you try to choose a certificate? – I say Reinstate Monica Feb 14 '15 at 00:03
  • Sorry for the late reply. No events are logged and my card reader does indicate that the card was even accessed. – wolfenstein87 Feb 18 '15 at 14:24
  • If you insert your smart card into the reader, what certificates does your system detect? Does it also detect the certificate for mail encryption? – Nelson De Jesus Jul 17 '16 at 08:53
  • All of the certificates are detected just fine. If I load up Outlook 2013 I can send Signed, Encrypted and Decrypt emails all day. If I try OWA on the same computer it doesn't work. Do you have this working in your environment? – wolfenstein87 Jul 18 '16 at 13:45

1 Answer

0

I found the problem. First, the signing cert was missing the Email Protection EKU. Second, the emails need to be sent as plain text. I have yet to find the document that states the users' emails must be sent as plain text for this to work in a browser, so if somebody comes across it, please enlighten me.
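
One way to check for the first cause named in the answer above, as an added example that is not part of the original answer: this PowerShell reports, for each certificate in the current user's Personal store, whether it carries the Email Protection EKU and which key usages it has. It assumes the smart card's certificates have been propagated to `Cert:\CurrentUser\My`; the function name `Test-SmimeCertificate` is hypothetical.

```powershell
# Added example (requires PowerShell 3.0 or later for [pscustomobject]).
# OID of the Email Protection (Secure Email) enhanced key usage.
$EmailProtectionOid = '1.3.6.1.5.5.7.3.4'

function Test-SmimeCertificate {   # hypothetical helper name
    param(
        [Parameter(Mandatory = $true, ValueFromPipeline = $true)]
        [System.Security.Cryptography.X509Certificates.X509Certificate2]$Certificate
    )
    process {
        # Pull the two extensions that decide what the certificate may be used for.
        $ekuExt = $Certificate.Extensions | Where-Object {
            $_ -is [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension]
        }
        $kuExt = $Certificate.Extensions | Where-Object {
            $_ -is [System.Security.Cryptography.X509Certificates.X509KeyUsageExtension]
        }

        # Collect the EKU OIDs; stays empty when the extension is absent.
        $ekuOids = @()
        if ($ekuExt) {
            $ekuOids = @($ekuExt.EnhancedKeyUsages | ForEach-Object { $_.Value })
        }

        [pscustomobject]@{
            Subject         = $Certificate.Subject
            Thumbprint      = $Certificate.Thumbprint
            HasEkuExtension = [bool]$ekuExt
            EmailProtection = ($ekuOids -contains $EmailProtectionOid)
            KeyUsages       = if ($kuExt) { $kuExt.KeyUsages } else { 'none' }
            HasPrivateKey   = $Certificate.HasPrivateKey
            NotAfter        = $Certificate.NotAfter
        }
    }
}

# Run with the smart card inserted, as the user who signs in to OWA.
Get-ChildItem Cert:\CurrentUser\My |
    Test-SmimeCertificate |
    Format-List
```

A signing certificate that shows `EmailProtection : False` together with `HasEkuExtension : True` matches the condition described in the answer.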