On pg. 9 of your recent article in Notes.Net on S/MIME, you said, "If you want to send an encrypted message to someone and you do not have their Internet certificate, ask that person to send you a signed e-mail message". Is that the only way to obtain their cert?
I would like to obtain their cert directly from their LDAP directory; although the Notes client can search for and find the person's LDAP entry, it won't retrieve their cert. Instead, it returns an error message "mail encryption failed because either no entry was found with a matching address or a matching entry was found with no Notes certificate."
Is it possible that you are confusing S/MIME encryption and Notes encryption? The first uses Internet (X.509) certificates. The second uses the certificates built into a Notes ID file. The error you reported sounds as if the Notes client is looking for a Notes certificate. If the receiver is a Notes user, and has an entry in your Domino NAB, then you don't need S/MIME -- native Notes mail will work fine. S/MIME comes into play when you want to send secure mail outside of your Notes network, over the Internet, to someone who does not use the Notes client.
Dig Deeper on Lotus Notes Domino Administration Tools
Related Q&A from Chuck Connell
Is it possible to encrypt a user's name before sending an email? SearchDomino.com expert Chuck Connell weighs in. Continue Reading
Learn how to change authentication timeout interval for Domino Web Access logins. Continue Reading
SearchDomino.com expert Chuck Connell explains your options if you can't restore a corrupted certlog.nsf file using the fixup command. Continue Reading