I have a client that was switching to Exchange 2010 from Exchange 2003 and had a group of pilot users with BlackBerries and SmartPhones move to the new servers. One SmartPhone user, while trying to send an email from their phone, received this error:
“Error Certificate missing” and content: “Your message ‘’ was not sent and has been moved to the Drafts folder. Certificates are not available for the following recipients or one or more members of the following distribution lists: user@domain.com.
On the SmartPhone, there are two settings that related to encrypted messages. They are found in activesync on the device under Menu > options > E-mail > Settings > Advanced :
“Encrypt all outgoing e-mail messages”
and
“Sign all outgoing e-mail messages”
In our case the second one was unchecked and the Encrypt all messages was checked and grayed out. I suspected an active sync policy had been set incorrectly. So I ran this command:
Get-ActiveSyncMailboxPolicy
Which lead to these two values set as:
RequireSignedSMIMEMessages: False
RequireEncryptedSMIMEMessages: True
The bold one was the source of our issue. We then changed it to False and the user was able to send emails without getting this error message.