Renewing S/MIME Certs in Windows Vista & Windows 7

Back to S/MIME Tutorial

While attempting to update an expired secure email cert, Vista users may receive the following error from the Thawte website:

Thawte 424 object required

This issue can be resolved using the Mozilla Internet browser to request the certificate.

Export from Mozilla

In Mozilla, went to Tools > Options > Advanced section > Encryption tab > View Certificates > Your Certificates > Backup

Convert

Before the exported certificate can be imported, the MIME type must be converted to “application/x-x509-user-cert”. This can be accomplished using the ad-hoc Firefox PKCS7 mimetype converter.

Import with Internet Explorer 7 & Internet Explorer 8

Tools > Internet Options > Content > Certificates > Personal
Click Import
Click Next
When you browse for your cert file, be sure to filter for the P12 filetype.

Update Email Client Settings

When replacing an expired certificate in Windows Live Mail, users will need to select the new certificate to be used for signed and encrypted emails. Otherwise the following message will appear:

Security Warning

Your digital ID for this account has expired
Windows Live Mail has found several valid digital IDs on your computer. Would you like to choose which digital ID to use when sending digitally signed mail from this account?
[Send Without Signing] [ Cancel ]

Oddly, neither of the options take you to where the digital ID can be selected.

Tools > Accounts > [Select the account associated with the cert] > Properties > Security Tab

From here you can choose which certs you want to use.

Back to S/MIME Tutorial