HOME 20 System-wide configuration and pre-population for
S/MIME Top 22 Files and settings in Gpg4win21 Known problems and help Contents German

21 Known problems and help

21.1 GpgOL menus and dialogs no longer found in Outlook

It may happen that the menus and dialogs added to Outlook by GpgOL can no longer be found.

This may be due to a technical problem that caused Outlook to deactivate the GpgOL component.

Reactivate GpgOL via the Outlook menu:
Outlook2007: ? -> Deactivated components
Outlook2003: ? -> Info -> Deactivated components

To (de)activate GpgOL manually, use Outlook's add-in manager:

21.2 GpgOL buttons are not on the Outlook 2003 toolbar

If there are already a lot of buttons on the toolbar of the message window, Outlook 2003 will not necessarily display GpgOL's signature/encryption icons.

You can display these buttons by clicking on the small icon with the arrow pointing downwards on the tool bar (Options for toolbar): You will see an overview of all non-displayed buttons. Clicking on an entry will move it into the visible area of the toolbar.

21.3 GpgOL button are listed unter "Add-Ins" (Outlook 2007)

Outlook 2007 introduced the so-called "ribbon" interface. This multi-functional bar in the Outlook message window has different tabs. The GpgOL buttons (for encryption, signatures etc.) are organised under the "Add-Ins" tab; Outlook saves all buttons of extensions in that location. It is not possible to integrate the GpgOL buttons under "Messages", for example.

You can adjust your tool bar for quick access and add the toolbar commands of the Add-Ins tab.

21.4 Errors when starting GpgOL

If you have first installed Gpg4win (and hence the GpgOL program component) on a drive, then uninstalled it and re-installed it on another drive? If yes, it is possible that Outlook will continue to search for the GpgOL path on the first (old) drive.

This means that the GpgOL program extension is no longer started when Outlook starts, and the following error message appears:

The extension '<old path to gpgol.dll>' could not be installed or loaded. The problem can be solved by using 'Detect and repair' in Help, among other things.

You can solve this problem by resetting the internal Outlook (cached) program extension path. To do this, please delete the following file:
%APPDATA%\Lokale Einstellungen\Application data\Microsoft\Outlook\extend.dat

Outlook should not be running during this process. Then restart Outlook, and it should work fine with GpgOL.

21.5 Installation of Gpg4win on a virtual drive

Please note that it is not possible to install Gpg4win on a virtual drive simulated with the command subst. These virtual drives can only be used locally by the current user. System services, such as DirMngr, do not see these drives. Therefore the installation path is not valid - the installation will stop with error type error:StartService: ec=3. Please install Gpg4win on a drive that is available across the system.

21.6 GpgOL does not check "CryptoEx" InlinePGP e-mails

To check or decrypt signed or encrypted InlinePGP e-mail(s) sent by the Outlook program extension "CryptoEx", S/MIME support must be activated in the GpgOL options.

Make sure that the following option is active in Outlook under Extras -> Options -> GpgOL:
Activate S/MIME support.

21.7 Does not allow S/MIME operations (system service "DirMngr" not running)

The "Directory Manager" (DirMngr) is a service installed by Gpg4win, which manages access to certificate servers. One task of the DirMngr is to load certificate revocation lists (CRLs) for S/MIME certificates.

It is possible that S/MIME operations (signature creation and check, encryption and decryption) cannot be performed because DirMngr is not available. Therefore Gpg4win default settings must ensure that DirMngr checks the revocation lists - if this is not done, the operation cannot be performed, since it means the potential use of a compromised certificate.

To address this problem, the system administrator restarts DirMngr. This is done via System control -> Administration -> Services. You will see DirMngr in the list - and the service can be restarted via the context menu.

21.8 S/MIME operations not allowed (CRLs not available)

It is possible that S/MIME operations (signature creation and check, encryption and decryption) cannot be performed because the CRLs are not available. Therefore Gpg4win default settings must ensure that revocation lists are checked - if this is not done, the operation cannot be performed, since it means the potential use of a compromised certificate.

Help is provided by setting up an acting service ("proxies")for picking up revocation lists (see Section  22.5).

In an emergency (or for testing purposes, CRL checks can also be turned off. To do this, open the Kleopatra menu Settings -> Set up Kleopatra and then the group S/MIME check. Activate the option Never consult recovation lists.
Attention: Be aware that this also means that you run a higher risk of using a compromised certificate. Turning off the revocation list check is never a substitute for setting up a proxy.

21.9 S/MIME operations not allowed (root certificate is not trustworthy)

The respective root certificate must be trusted for a full review of X.509 certificate chains. Otherwise it is not possible to perform S/MIME operations (signature creation and check, encryption and decryption).

To express your trust in a root certificate, you have two options.

  • Write the fingerprint of the corresponding root certificate in a system-wide configuration file. Now the root is trustworthy for all users. To do this, you must have Windows administrator rights. For a detailed description, see Section 22.6.
  • Root certificate set by user (no system-wide adjustment required). To do this, you must mark the option Allow marking of root certificates as trustworthy in Kleopatra's settings. After that, every time you import a new root certificate, you will be asked whether you trust it. For more details, see Section 22.7.

© 31. August 2010, v3.0.0-beta1 (last minor changes from 21. September 2010)
The Gpg4win Compendium is filed under the GNU Free Documentation License v1.2.


HOME 20 System-wide configuration and pre-population for
S/MIME Top 22 Files and settings in Gpg4win21 Known problems and help Contents German