On latest release (today) of GPG4WIN and the outlook plugin, how do we know which cert it uses and select which cert it uses? My cert expired and I generated a new cert that won’t expire. but I don’t know if it is using that cert.
It should. But you can unselect in the options “Resolve recipient keys automatically” that will show you which certs will be used.
If you want to know what happens under the hood when it is automatically resolved you can turn on debugging https://wiki.gnupg.org/TroubleShooting#Enable_GpgOL_debugging and search for “Encrypting with protocol” and “Signing key” in the log. That will show the fingerprints of the keys it uses.