Knowledge Base

Troubleshooting: “Your Digital ID Name Cannot Be Found” Error in Outlook 
 
Overview 

This guide explains how to diagnose and resolve the Outlook error “Your digital ID name cannot be found by the underlying security system” that appears when opening a secure, encrypted email. The issue is commonly related to certificate mismatches—especially between older 3DES encryption and newer AES256 encryption—or corrupted or missing certificates. 
 

 

Symptoms 

You may be experiencing this issue if you notice: 

• Outlook displays the message: “Your digital ID name cannot be found by the underlying security system.” 

• You are unable to open encrypted or secure emails. 

• Only specific encrypted emails from certain senders fail to open. 

• Other encrypted emails from the same sender open successfully, but one specific email does not. 

• The error appears inconsistently after reopening Outlook. 

 

 

Cause 

This error is typically caused by an invalid, missing, or outdated encryption certificate on the client or sender's side. In many cases, the root cause is a mismatch between the sender’s older 3DES-encrypted message and the recipient’s AES256‑based security configuration, or corrupted sender certificates stored locally. 

 

Workaround: 

1. Although the error message may seem to be quite complex, your problem can be temporary. Close the error message, wait for a minute or two. Then, reopen the mail. 

2. Try opening other emails from the same sender and check whether you can access those emails or not. If you can, then you should request the sender to o forward the email once more. 

Solution 

Follow these steps to resolve the issue: 

Solution 1 – Enable Server Authentication 

Turn on the server authentication feature in Internet Options on your system. 

Turn on server authentication in your Internet Options to ensure certificate verification works correctly. 

Step 1: Press Windows + R. 

Step 2: Type: inetcpl.cpl and select OK. 

 

 

  

 

  

Step 3: In Internet Options, go to the Content tab. 

 

Step 4: Open Certificates. 

 

  

 

Step 5: Select the Personal tab. This section enlists all the personal certificates. 

Step 6: Click Advanced. 

 

  

 

  

Step 7: Enable the following options:  

• Server Authentication 

• Secure Email 

 

Step 8: Click OK, then Close. 

 

  

 

  

Step 9: Select “Close” to close the Certificates tab. 

  

 

  

Step 10: Back in Internet Options, select Apply and then OK to save the changes. 

  

 

  

Restart Outlook and try opening the encrypted email again. 

 
Solution 2 – Check for the certificate 

Verify that you have a valid certificate configured for signing and encryption. 

Step 1: Open Microsoft Outlook. 

Step 2: Go to: File → Options 

 

  

 

  

Step 3: Select Trust Center → Trust Center Settings 

  

 

  

Step 4: In the Trust Center Settings page, go to the “Email Security” tab. 

Step 5: Under Encrypted Email, verify that a certificate (e.g., *.cert) appears 

 

Step 6: Click Settings. 

 

  

 

  

Step 7: Check whether a Security Settings Name is selected.  

• If the field is blank, your certificate might have expired and requires replacement. 

  

 

  

Step 8: Use Choose to manually select a valid Signing and Encryption certificate if needed. 

Check if the encrypted message now opens. 

 

Solution 3 – Delete the sender certificate 

A corrupted sender certificate stored locally can cause the error. 

 

Step 1: Press Windows + R, then type: mmc and enter 

 

 

  

Step 2: Select “File” and click “certmgr” to open that up. 

  

 

 

  

Step 3: Expand Certificates – Current User. 

 

Step 4: Go to: Other People → Certificates 

 

  

 

  

Step 6: Locate the sender’s faulty certificate. 

Step 7: Right-click the certificate → Delete. 

 

  

 

  

Step 8: Select File → Save to save the console configuration. 

Try opening the encrypted email again. 

 

  

 

If the Above Do Not Work 

If none of the fixes resolve the issue, the sender may need to: 

• Regenerate a new certificate signing request (CSR) using CertReq 
  (instead of the Windows certificate snap-in), and 

• Obtain a newly issued certificate. 

• This ensures compatibility with modern encryption standards such as AES256. 

 

 
 
Related Articles:  
Tags: