Outlook conflicting or unsupported encryption capabilities triggers when the email address of the contact or recipient is different from the email address that is specified in the recipient’s certificate.

As part of our Server Management Services, we assist our customers with several Outlook related queries.

Today, let us see how our Support Engineers go about to fix this error.

Outlook conflicting or unsupported encryption capabilities

When we send an encrypted email message to a recipient, Outlook uses the recipient’s certificate to secure the message.

If the email address differs from the email address that is specified in the recipient’s certificate, we receive the following warning:

To prevent Outlook from displaying this warning message, we turn off e-mail address matching for certificates.

When we send a secure message in some Outlook versions, we may need to use a certificate that does not match the e-mail address.

In this article, let’s see how our Support Engineers turn off e-mail matching for certificates.

Cause of ‘Outlook conflicting or unsupported encryption capabilities’

The most common cause is that we tried to send encrypted messages without having a copy of a valid certificate for the recipient.

If we have multiple contacts for the recipient, we must send a message using the contact that has the certificate.

[Looking for quick resolution? We are available 24*7]

Solutions for ‘Outlook conflicting or unsupported encryption capabilities’

As we know now, to fix ‘Outlook conflicting or unsupported encryption capabilities’ we need to turn off the multiple contacts.

We can turn off e-mail address matching for certificates by editing the registry. To do this, we follow these steps, as appropriate for the version of Outlook that we are running.

• Outlook 2013

1. Select Start, select Run, type regedit in the Open box, and then select OK
2. Locate the registry key: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\15.0\Outlook\Security
3. If a Security registry key does not exist, create a new key. To do this, follow these steps:
   a. Select the registry key: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\15.0\Outlook
   b. On the Edit menu, point to New and then select Key
   c. Type Security, and then press Enter
4. Right-click the Security key, select New and then select DWORD Value
5. Type SupressNameChecks, and then press Enter
6. On the Edit menu, select Modify
7. Type 1, and then select OK
8. On the Registry menu, select Exit

• Outlook 2010

1. Select Start, select Run, type regedit in the Open box, and then select OK
2. Locate the following registry key: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\14.0\Outlook\Security
3. If a Security registry key does not exist, create a new key. To do this, follow these steps:
   a. Select the registry key: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\14.0\Outlook
   b. On the Edit menu, point to New and then select Key
   c. Type Security, and then press ENTER
4. Right-click the Security key, select New and then select DWORD Value
5. Type SupressNameChecks, and then press Enter
6. On the Edit menu, select Modify
7. Type 1, and then select OK
8. On the Registry menu, select Exit

• Outlook 2007

1. Select Start, select Run, type regedit in the Open box, and then select OK
2. Locate the registry key: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\12.0\Outlook\Security
3. If a Security registry key does not exist, create a new key. To do this, follow these steps:
   a. Select the registry key: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\12.0\Outlook
   b. On the Edit menu, point to New, and then select Key
   c. Type Security, and then press Enter
4. Right-click the Security key, select New and then select DWORD Value
5. Type SupressNameChecks, and then press Enter
6. On the Edit menu, select Modify
7. Type 1, and then select OK
8. On the Registry menu, select Exit

• Outlook 2003

1. Select Start, select Run, type regedit in the Open box, and then select OK
2. Locate the registry key: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\11.0\Outlook\Security
3. If a Security registry key does not exist, create a new key. To do this, follow these steps:
   a. Select the registry key: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\11.0\Outlook
   b. On the Edit menu, point to New, and then select Key
   c. Type Security, and then press ENTER
4. Right-click the Security key, select New and then select DWORD Value
5. Type SupressNameChecks, and then press Enter
6. On the Edit menu, select Modify
7. Type 1, and then select OK
8. On the Registry menu, select Exit

• Outlook 2002

1. Select Start, select Run, type regedit in the Open box, and then select OK.
2. Locate the registry key: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\10.0\Outlook\Security
3. If a Security registry key does not exist, create a new key. To do this, follow these steps:
   a. Select the registry key: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\10.0\Outlook
   b. On the Edit menu, point to New, and then select Key
   c. Type Security, and then press Enter
4. Right-click the Security key, select New and then select DWORD Value
5. Type SupressNameChecks, and then press Enter
6. On the Edit menu, select Modify
7. Type 1, and then select OK
8. On the Registry menu, select Exit

• Outlook 2000

1. Select Start, select Run, type regedit in the Open box, and then select OK
2. Locate the registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\9.0\Outlook\Security
3. If a Security registry key does not exist, create a new key. To do this, follow these steps:
   a. Select the registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\9.0\Outlook
   b. On the Edit menu, point to New and then select Key
   c. Type Security, and then press Enter
4. Right-click the Security key, select New and then select DWORD Value
5. Type SupressNameChecks, and then press ENTER
6. On the Edit menu, select Modify
7. Type 1, and then select OK
8. On the Registry menu, select Exit

To ensure that a certificate has been associated with a contact in Outlook, we follow these steps:

1. Open the signed e-mail message received from the recipient
2. From the subject line of that signed email, right-click and select ‘Add to Contacts’
3. If the sender is not in our address book, a Contact window will appear. Enter the details
4. Once added click Save and Close. This automatically adds the sender’s Digital ID
5. If the sender is already present in our contact book, a dialog box will show as duplicate contact, click ok to update the new information.

[The error still prevails? We are happy to help you fix it.]

Conclusion

In short, to prevent, ‘Outlook conflicting or unsupported encryption capabilities’ we need to turn off e-mail address matching for certificates. Today, we saw how our Support Techs fix it, as appropriate for the version of Outlook that we are running.