Suppress certificate email check
The Email+ app can now suppress the verification of certificates using email address in case of email address or domain mismatch. To enable this feature add the smime_suppress_certificate_email_check value to the enabled_features key-value pair. When the Email+ app receives an email signed with a certificate, where the email address or domain differs from the sender's email address, the Email+ app associates the certificate with the sender's email address, so that the Email+ app can use the certificate when sending encrypted emails to the sender.
The smime_suppress_certificate_email_check feature works only when the modern_sync_engine value is configured for the enabled_features key-value pair.
Adding possibility to search encryption certificates in Global Address List (GAL) and local Keystore. The Email+ app now supports manual searching and adding correct certificates from GAL and local Keystore and associating them with the correct recipient. The "Encryption certificates" section appears on the Contact Details screen with the list of the contact's associated certificates. Users can also add and delete certificates in the Contact Details screen.
The "Add encryption certificate" option allows to search the full name of the contact or email displaying the entries with encryption certificates. The Contact Details screen can be opened from Contacts as well as from the Compose Email screen and Event Details screen by tapping on the contact.
If email in the S/MIME certificate doesn't correspond to email of the Exchange user, then this certificate cannot be returned by server when we search in GAL.
The receiver should save the encryption certificate and make association for the certificate if the certificate in the email is different than the sender's email.