check before: 2025-08-29
Product:
Exchange, Intune, Outlook
Platform:
Android, iOS, Online, World tenant
Status:
Change type:
New feature, Admin impact
Links:
Details:
Summary:
A new Intune policy allows admins to set the priority order for SMIME certificate lookup in Outlook mobile, enhancing control and security. Rolling out on August 29, 2025, it is off by default. Configuration details and examples are provided. More information is available [here](https://learn.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/outlook-for-ios-and-android/outlook-for-ios-and-android-configuration-with-microsoft-intune#smime-settings).
Details:
We're introducing a new Intune policy that allows admins to define the priority order for SMIME certificate lookup in Outlook mobile. This gives organizations more control over how certificates are selected when multiple sources are available, improving flexibility and alignment with internal security practices.
[When this will happen:]
This change will begin rolling out on August 29, 2025.
Change Category:
XXXXXXX ... free basic plan only
Scope:
XXXXXXX ... free basic plan only
Release Phase:
Created:
2025-06-28
updated:
2025-06-28
Task Type
XXXXXXX ... free basic plan only
Docu to Check
XXXXXXX ... free basic plan only
MS How does it affect me
XXXXXXX ... free basic plan only
MS Urgency
XXXXXXX ... free basic plan only
MS workload name
XXXXXXX ... free basic plan only
summary for non-techies**
The new Intune policy for SMIME certificate lookup in Outlook mobile allows administrators to customize the order in which Outlook checks various certificate sources, starting August 29, 2025, enhancing security and flexibility by enabling organizations to prioritize sources like personal contacts, company directory, device storage, and external directories according to their needs.
Direct effects for Operations**
SMIME Certificate Lookup Order
If the new Intune policy is implemented without prior configuration, users may experience delays or failures in email encryption due to the default lookup order not aligning with organizational security practices.
- roles: IT Administrators, End Users
- references: https://learn.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/outlook-for-ios-and-android/outlook-for-ios-and-android-configuration-with-microsoft-intune#smime-settings
User Experience with Outlook Mobile
Without proper preparation, users may face confusion or frustration as the default SMIME certificate lookup order may not meet their expectations, leading to potential security risks and decreased productivity.
- roles: End Users, Support Staff
- references: https://learn.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/outlook-for-ios-and-android/outlook-for-ios-and-android-configuration-with-microsoft-intune#smime-settings
Configutation Options**
XXXXXXX ... paid membership only
IT Security**
XXXXXXX ... paid membership only
explanation for non-techies**
XXXXXXX ... free basic plan only
** AI generated content. This information must be reviewed before use.
a free basic plan is required to see more details. Sign up here
A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.
Last updated 2 weeks ago
