Sending Signed Emails from Windows Live Mail

For the longest time, I couldn’t figure out how to send digitally signed emails in Windows Live Mail (or Windows Mail) in Vista.  Both consistently reported, “The message could not be sent. An error has occurred.”

There was no other information in any log file I could find, and Google was no help at all.  This happened with free certificates from StartSSL, Thawte and homegrown OpenSSL certificates.

I finally figured out the reason:  The certificates only contained public keys.  (In other words, I imported them wrong.)  If you import and use password-protected PKCS#12 files – the ones that contain both a public and private key (as opposed to .crt or .cer files) – WLM and WM will then send signed emails correctly.

In the screenshot below, you can see that the correctly-imported StartCom certificate has a little key in the upper left corner, whereas the incorrectly-imported Thawte certificate doesn’t.  The first will work, the second won’t.


Would have been nice if Microsoft’s error message had told me that…
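The "little key" distinction described above can also be checked from PowerShell. This is an added example, not part of the original post; it assumes the certificates were imported into the current user's Personal store (`Cert:\CurrentUser\My`), and the function name `Get-SigningCertStatus` is made up for illustration.

```powershell
# Added example: report which certificates in the Personal store can sign mail.
# A certificate imported from a .crt/.cer file has no private key (HasPrivateKey = False),
# which is the state the post describes as "imported wrong".
function Get-SigningCertStatus {
    param([string]$StorePath = 'Cert:\CurrentUser\My')   # assumed import location

    $secureEmailOid = '1.3.6.1.5.5.7.3.4'   # id-kp-emailProtection ("Secure Email" EKU)
    $now = Get-Date

    Get-ChildItem -Path $StorePath | ForEach-Object {
        $cert = $_

        # Look for an Enhanced Key Usage extension on the certificate.
        $eku = $cert.Extensions | Where-Object {
            $_ -is [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension]
        }
        # No EKU extension means the certificate is not restricted to listed purposes.
        $emailAllowed = (-not $eku) -or
            (@($eku.EnhancedKeyUsages | ForEach-Object { $_.Value }) -contains $secureEmailOid)

        $inValidity = ($now -ge $cert.NotBefore) -and ($now -le $cert.NotAfter)

        New-Object PSObject -Property @{
            Subject       = $cert.Subject
            Email         = $cert.GetNameInfo('EmailName', $false)
            Thumbprint    = $cert.Thumbprint
            HasPrivateKey = $cert.HasPrivateKey
            EmailAllowed  = $emailAllowed
            InValidity    = $inValidity
            # Signing needs the private key; the other two checks catch
            # certificates that would be rejected for unrelated reasons.
            CanSign       = $cert.HasPrivateKey -and $emailAllowed -and $inValidity
        }
    } | Select-Object Subject, Email, HasPrivateKey, EmailAllowed, InValidity, CanSign, Thumbprint
}

Get-SigningCertStatus | Format-Table -AutoSize
```

A row with `HasPrivateKey` set to `False` corresponds to a certificate without the key icon; re-importing it from the password-protected PKCS#12 file should flip that value to `True`.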

