|
|
|
|
| 21 Known problems and help | Contents |
|
It may happen that the menus and dialogs added to Outlook by GpgOL can no longer be found.
This may be due to a technical problem that caused Outlook to deactivate the GpgOL component.
Reactivate GpgOL via the Outlook menu:
Outlook2007: ? -> Deactivated components
Outlook2003: ? -> Info -> Deactivated components
To (de)activate GpgOL manually, use Outlook's add-in manager:
If there are already a lot of buttons on the toolbar of the message window, Outlook 2003 will not necessarily display GpgOL's signature/encryption icons.
You can display these buttons by clicking on the small icon with the arrow pointing downwards on the tool bar (Options for toolbar): You will see an overview of all non-displayed buttons. Clicking on an entry will move it into the visible area of the toolbar.
Outlook 2007 introduced the so-called "ribbon" interface. This multi-functional bar in the Outlook message window has different tabs. The GpgOL buttons (for encryption, signatures etc.) are organised under the "Add-Ins" tab; Outlook saves all buttons of extensions in that location. It is not possible to integrate the GpgOL buttons under "Messages", for example.
You can adjust your tool bar for quick access and add the toolbar commands of the Add-Ins tab.
If you have first installed Gpg4win (and hence the GpgOL program component) on a drive, then uninstalled it and re-installed it on another drive? If yes, it is possible that Outlook will continue to search for the GpgOL path on the first (old) drive.
This means that the GpgOL program extension is no longer started when Outlook starts, and the following error message appears:
The extension '<old path to gpgol.dll>' could not be installed or loaded. The problem can be solved by using 'Detect and repair' in Help, among other things.
You can solve this problem by resetting the internal Outlook (cached)
program extension path. To do this, please delete the following
file:
%APPDATA%\Lokale
Einstellungen\Application data\Microsoft\Outlook\extend.dat
Outlook should not be running during this process. Then restart Outlook, and it should work fine with GpgOL.
Please note that it is not possible to install Gpg4win on a virtual drive simulated with the command subst. These virtual drives can only be used locally by the current user. System services, such as DirMngr, do not see these drives. Therefore the installation path is not valid - the installation will stop with error type error:StartService: ec=3. Please install Gpg4win on a drive that is available across the system.
To check or decrypt signed or encrypted InlinePGP e-mail(s) sent by the Outlook program extension "CryptoEx", S/MIME support must be activated in the GpgOL options.
Make sure that the following option is active in Outlook under
Extras -> Options -> GpgOL:
Activate
S/MIME support.
The "Directory Manager" (DirMngr) is a service installed by Gpg4win, which manages access to certificate servers. One task of the DirMngr is to load certificate revocation lists (CRLs) for S/MIME certificates.
It is possible that S/MIME operations (signature creation and check, encryption and decryption) cannot be performed because DirMngr is not available. Therefore Gpg4win default settings must ensure that DirMngr checks the revocation lists - if this is not done, the operation cannot be performed, since it means the potential use of a compromised certificate.
To address this problem, the system administrator restarts DirMngr. This is done via System control -> Administration -> Services. You will see DirMngr in the list - and the service can be restarted via the context menu.
It is possible that S/MIME operations (signature creation and check, encryption and decryption) cannot be performed because the CRLs are not available. Therefore Gpg4win default settings must ensure that revocation lists are checked - if this is not done, the operation cannot be performed, since it means the potential use of a compromised certificate.
Help is provided by setting up an acting service ("proxies")for picking up revocation lists (see Section 22.5).
In an emergency (or for testing purposes, CRL checks can also be
turned off. To do this, open the Kleopatra menu
Settings -> Set up Kleopatra and then the group
S/MIME check. Activate the option Never consult
recovation lists.
Attention: Be aware that this also means
that you run a higher risk of using a compromised certificate. Turning
off the revocation list check is never a substitute for setting up a
proxy.
The respective root certificate must be trusted for a full review of X.509 certificate chains. Otherwise it is not possible to perform S/MIME operations (signature creation and check, encryption and decryption).
To express your trust in a root certificate, you have two options.
© 31. August 2010, v3.0.0-beta1 (last minor changes from 21. September 2010)
The Gpg4win Compendium is filed under the
GNU Free Documentation License v1.2.
|
|
|
|
| 21 Known problems and help | Contents |
|