When PGP Universal Server or PGP Desktop try to encrypt to keys found at keys.symantec.com:389, an error that the keys are considered invalid, and cannot be encrypted to is displayed. Depending on current policy the email may be blocked or sent as a Web messenger message.
SMTP-31040: fatal exception evaluating policy for recipient *@symantec.com: key can’t be used for encryption -jumping to Exception chain
Keys found at keys.symantec.com:389 do not have the messaging usage flag and therefore cannot be encrypted too the key.
Sample of the Key Usage properties of a key obtained from keys.symantec.com
You will need to modify your Mail Encryption Policy appropriately.
Use one of the following configuration options:
1) Ignore the result and send the message in the clear. 2) Set your key searches to either ignore keys from keys.symantec.com or just not search the keys.symantec.com domain at all.
PGP Desktop 9.9 or later PGP Universal Server 2.9 or later
Imported Document ID: TECH197905
Subscribing will provide email updates when this Article is updated. Login is required.
Thanks for your feedback. Let us know if you have additional comments below. (requires login)
Subscribed to the Article.
Unable to subscribe
Thanks for your additional feedback !!!
Enterprise Support Virtual Agent
Rate Me :
Tell us more:
Welcome! My name is Sami, the Enterprise Support Virtual Agent answering technical support questions.