Question : Microsoft Outlook encrypted email error message with expired Thawte personal email cert

Here is our problem - Outlook is displaying an error message when decrypting an email. The exact error message is "Microsoft Outlook could not sign or encrypt this message because your certificate is not valid".  After displaying the error message, it still decrypts the email correctly.

Here is what we are doing:
1. We have a web service that encrypts emails on our server.  When our websites need to encrypt a message, it consumes this web service.
2. We registered a Thawte personal email certificate (the Outlook/IE version of the cert).   We add this to the server for the encrypted web service, and we add this to the destination computer running Outlook.
3. Everything works great... for a year.
4. When the Thawte certificate expires, it begins to show the error message above.  
5. To fixe, we have requested a new cert from Thawte that expires a year later.  We install this updated cert on the web server and the destination machine, but the error message does not go away.
6. We have tried deleting all certs on the destination machine before installing the update cert.  

It seems like the Microsoft certificate store is getting corrupted by the expired cert, and it can't get back to its base state after the problem.

Anybody with experience with this?

Answer : Microsoft Outlook encrypted email error message with expired Thawte personal email cert

On the client - open internet options - content tab - clear SSL state.  You may also need to delete temp int files, history, cookies

On the server - you can try exporting the cert including private key, then when going to install it choose the replace option and point to the exported file.