On pg. 9 of your recent article in Notes.Net on S/MIME, you said, "If you want to send an encrypted message to someone and you do not have their Internet certificate, ask that person to send you a signed e-mail message". Is that the only way to obtain their cert?
I would like to obtain their cert directly from their LDAP directory; although the Notes client can search for and find the person's LDAP entry, it won't retrieve their cert. Instead, it returns an error message "mail encryption failed because either no entry was found with a matching address or a matching entry was found with no Notes certificate."
Is it possible that you are confusing S/MIME encryption and Notes encryption? The first uses Internet (X.509) certificates. The second uses the certificates built into a Notes ID file. The error you reported sounds as if the Notes client is looking for a Notes certificate. If the receiver is a Notes user, and has an entry in your Domino NAB, then you don't need S/MIME -- native Notes mail will work fine. S/MIME comes into play when you want to send secure mail outside of your Notes network, over the Internet, to someone who does not use the Notes client.
This was first published in February 2002