For troubleshooting e-mail messages encrypted using Secure/Multipurpose Internet Mail Extensions (S/MIME), the encrypted part of a message can be exported. See article "Microsoft Outlook: Extracting an encrypted S/MIME message from an email„.
To find out with which certificates a message has been encrypted, you can proceed as follows...
After the attachment "smime.p7m" has been unpacked, it can be examined using certutil:
On a German language system:
certutil smime.p7m | findstr serial number
On an English language system:
certutil smime.p7m | findstr Serial
The message is always encrypted with the certificate or public key of the sender. Therefore, its serial number is also always included.
In this way, for example, it is possible to find out whether the message was encrypted at all with a key of the recipient.
Do you know TameMyCerts? TameMyCerts is an add-on for the Microsoft certification authority (Active Directory Certificate Services). It extends the function of the certification authority and enables the Application of regulationsto realize the secure automation of certificate issuance. TameMyCerts is unique in the Microsoft ecosystem, has already proven itself in countless companies around the world and is available under a free license. It can downloaded via GitHub and can be used free of charge. Professional maintenance is also offered.
For example, if the sender sends the message to multiple recipients and his company uses an encryption gateway that does not know the public key of that particular recipient, it may well happen that the recipient receives such a message that cannot be decrypted.
English 
Deutsch
2 thoughts on “Microsoft Outlook: Empfänger-Zertifikate bei S/MIME verschlüsselten Mails herausfinden”
Comments are closed.