"No usable encryption key found; message cannot be encrypted"
"Get Encryption Key for email email@example.com failed with error server search failed (-11285)"
A possible cause of this issue is that the email encryption rule being invoked is the "Opportunistic Encryption" rule, which will attempt to find a key for any recipient being emailed. If a suitable key is found, the message can be encrypted. If no key is found, then the message will be sent unencrypted.
With Opportunistic Encryption, if no key is found, an attempt to search keyservers will be performed. If port 389 or 636 to applicable keyservers is closed, or none of the configured keyservers can be reached, no key can ever be found "opportunistically" via the keyserver, and therefore the message will stay in the Outbox until a keyserver can be searched successfully.
In order to resolve this behavior, enable ports 389 or 636, whichever applies to the keyserver in question, or make sure that there is proper connectivity between the endpoint and the keyserver. Then send the message again. If this is not possible, disable the keyserver search in the rule, or disable the Opportunistic Encryption rule and configure a customized rule that can work for a particular scenario.
Subscribing will provide email updates when this Article is updated. Login is required.