Message Encryption by Microsoft Office 365 Not Working

Written By Farhan Bin Matin

Microsoft 365 message encryption is a privacy-related feature that provides rights protection and end-to-end email encryption. But like any other service, this feature can sometimes stop working unexpectedly in various manners.

For some, the email encryption option can stop working, while others may have difficulty opening an encrypted message. Both scenarios can severely hamper your productivity.message-encryption-by-microsoft-office-365-not-working

In that regard, let’s dive into this article and discuss everything you need to do when the message encryption by Office 365 is not working.

Why is the Message Encryption by Office 365 Not Working?

End-to-end encryption in Microsoft Workspace is no easy task, as it requires many aspects to become functional. And the subsequent lack of these prerequisites is what causes the message encryption not to work as you expected.

Here’s why the email encryption by Microsoft Office 365 is not working:

  • Microsoft Purview Message Encryption is not supported by your organization.
  • Incorrect configuration for your tenant account in the admin center.
  • You don’t have a valid license to use the MPME feature.
  • IRM(Information Rights Management) is not enabled from the exchange servers.

Not only that, if you can’t open encrypted emails in Outlook 365, you may be trying to access those encrypted messages from a web client, like Outlook on the Web(OWA). And that’s for a good reason as well.

To ensure maximum protection, an encrypted email can only be viewed from a desktop app/client. This feature is also not supported on iOS devices like iPhones or iPads.

Furthermore, you need to have an active Azure Rights Management Service for your Office subscription. Otherwise, the encryption button will not appear in the ribbon.

How to Fix Email Encryption by Microsoft Office 365 Not Working Issue

Unlike some other technical errors, the aforementioned issue won’t go away simply by uninstalling and re-installing Microsoft Office.

To get the email encryption back on track, you have to manually check whether the necessary aspects of using this feature have been met or not and modify the corresponding settings accordingly.

For example, if you’re using your iPhone to check the encrypted messages on Outlook, you need to switch to a Windows desktop client. The same goes for OWA users.

Nonetheless, I have thoroughly explained all the other troubleshooting steps to resolve this issue once and for all. So, read on and don’t skip over any important method.

Follow these solutions to fix message encryption by Microsoft Office 365 not working:

1. Ensure Your Microsoft Subscription/Organization Supports Email Encryption

As I have mentioned before, your organization account’s subscription needs to support the encryption feature. Here’s how to check it:

  • Go to Microsoft Portal and sign in with the account that you’re using for Office 365.
  • Click on Subscription from the left side pane.
  • Scroll down to the Office 365 or Microsoft 365 section.
  • Check whether The latest desktop version of Office appears in the list.check-microsoft-subscription

If you found this entry, you’re good to go. If not, your account/subscription doesn’t support email encryption. In that case, either upgrade to a higher tier of Office 365 subscriptions or inform your organization’s IT admin about the ongoing issue.

2. Check the Sensitivity Labels for Your Account

To ensure that the recipients can open the encrypted messages, you need to configure the sensitivity labels accordingly. To do so:

  • Go to the Microsoft Purview compliance portal and go to Information Protection >
  • Click on the applied sensitivity label from the list and hit Edit label.edit-label-microsoft-portal
  • Tick the Items box from the Define the scope for this label page.items-label-microsoft-portal
  • Check the box for Apply or remove encryption from the Choose protection settings for labeled items page.apply-remove-encryption-portal
  • Select Remove encryption if the file or email is encrypted from the Encryption page.
  • Save the settings.encryption-settings-portal

Now, go back to your email client and check if the message encryption works correctly. If not, move on to the next method.

3. Use Exchange Online Powershell to Configure Your Tenant Account

Another way to troubleshoot email encryption is by checking if your tenant account has permission for Microsoft Purview Message Encryption. Here’s how:

  • Download and install Exchange Online Powershell on your PC and run it.
  • Input the following command and hit Enter:
    Get-OwaMailboxPolicy | fl *IRMEnabled*
  • If IRMEnabled is returned as False, run the following command:
    Set-OwaMailboxPolicy -Identity OwaMailboxPolicy-Default -IRMEnabled $true
  • To get the Encrypt button in OWA, execute the following command: Set-IRMConfiguration -SimplifiedClientAccessEnabled $true

FYI, this method only works if you have an admin account. If not, contact your organization’s IT admin and ask them to perform the above-mentioned method.

4. Make Sure the Azure Rights Management Service is Connected to Your Account

Similar to the previous solution, you need to ensure that your account is connected to the Azure Rights Management Service if you’re unable to open encrypted email in Outlook. This method also requires an account with admin access.

If you have one, execute the following Powershell commands:

$request = [System.Net.HttpWebRequest]::Create(“”)

The CA value in the return dialogue should mention Microsoft, like CN=Microsoft Secure Server CA 2011.

If not, the secure client-to-service connection has been terminated for your account and needs to be resolved by the Microsoft support team.

5. Verify Your Account’s Licenses

In case the Microsoft Purview Message Encryption is not opening for your account, you need to verify that your account has the correct license to use this feature.

Unfortunately, there are no buttons or commands that will show you whether you have the correct license or not.

To check it, you have to disconnect your account from your device manually using Control Panel > User Accounts > Credential Manager > Windows

Then, sign in with another account that has the necessary licenses and permissions to send/view encrypted messages.

To Conclude

Whether your Office 365 encrypted email got stuck loading or you can’t find the Encrypt button in Outlook, following this article should fix all the message encryption-related issues for Microsoft 365 users.

Anyway, that’s all there was to say for today. In case you need further assistance with Microsoft services, feel free to visit our website.


About The Author
Farhan is a tech researcher and enthusiast. He’s been into tech and gaming since he got a PS2 in his childhood.Currently, he’s almost done with his undergrad.Besides testing and researching geeky stuff, Farhan has an utmost passion for photography.

Leave a Comment