Ahhh CACs, love it. I've found that in order for me to send encrypted messages from Outlook, either A) I need to import the person into my Contacts and make sure their public key encryption cert is there or B) make sure the person has published their public key cert to the GAL (Global Address List) so it's picked up automatically. Yes, that goes for sending test messages to myself as well, because Outlook treats my address as any other address. Sending encrypted messages to yourself should work as long as the sending machine has your account in Contacts with a cert attached to it.
8 Untrusted Certificate Authority Problems PIV Login for Macs. Outlook Encryption Problems pop-up error message. If you do not see the pop-up or contact options, your recipient does. Your recipient's certificates are listed in the Certificates (Digital IDs). Digital ID not found pop-up error message. Troubleshooting SSL related issues (Server Certificate); 10 minutes to read Contributors. In this article. Your SSL certificate. Notice, that the Guid is all zero in a non-working scenario. You may see the Hash either having some value or blank. Even if we remove the certificate from the web site, and then run 'httpcfg query ssl.
As for your coworker's encryption partner, your coworker will need the person's public key before he can send any encrypted messages to that person, so either he'll have to get the person's certificate in a signed message, or that person will have to publish the cert to a GAL.