Purpose: Secure Email (S/MIME) certificate installation guide
For Secure Email (S/MIME) certificate on Mozilla Thunderbird on Windows OS
The installation is in four parts:
1) Installing the S/MIME certificate in the personal certificate store
2) Importing the S/MIME certificate to Mozilla Thunderbird profile
3) Signing and Encrypting Messages
4) Storing a contact's secure email certificate (S/MIME exchange)
Part 1 of 4: Installing the S/MIME certificate in the personal certificate store
1. After your ECS Enterprise account administrator has approved the enterprise S/MIME request, or after you have placed your personal S/MIME order, you will be sent an email at the address listed on your request. Select that link.
2. Accept the Client Certificate Agreement that is presented in the browser that opens when you select the certificate pick-up link.
3. Once you have confirmed you can download the certificate, you are prompted with the below "Web Access Confirmation" pop-up. Select "Yes". The prompt is asking you to allow Entrust Datacard to perform digital certificate operations on your behalf, which is required to allow in order to complete the next steps.
4. Your browser will prompt you to download (open or save) a .p12 file. Open the file.
5. A Certificate Import Wizard will open. On the first prompt, select "Current User" and then Next.
6. Confirm you wish to import the .p12 file from the location shown by selecting Next.
7. When you requested the certificate, you were prompted to set up a password to protect the private key. Provide that password here. Also, select "Mark key as exportable..." in case you need to export your certificate in the future.
8. Select the option "Automatically select the certificate store based on the type of certificate".
9. Complete the Wizard by selecting Finish.
10. Your certificate has been successfully imported to the personal certificate store.
1. Go to your email account profile by selecting your email address on the left-hand menu, and then to open your account settings, select View settings for this account.
2. Select Security and then View Certificates to open your Mozilla Thunderbird Certificates Manager.
3. Select the Your Certificates tab and then Import.
4. Select the .p12 file you imported in the previous section.
5. You will be prompted to enter the password you set when you created/purchased the certificate. Enter that password.
6. Your certificate has now been imported to your Mozilla Thunderbird email profile. It will be listed under the Your Certificates tab.
7. Now that the certificate is imported, you must Select to activate it for your account profile. Click OK to leave the Certificate Manager. Still in Account Settings > Security under the Digital Signing section, click the Select button to activate the certificate. Do the same for Encryption.
You can now send digitally signed and encrypted email with this profile.
A new icon, Security, will now appear in your Write message window. You can Encrypt or Digitally Sign messages by selecting either or both options.
Mail sent with a digital signature will show as digitally signed by the sender to any receiver of that email.
To be able to send and receive encrypted email with someone else, note there are some additional steps to complete.
Part 4 of 4: Storing a contact's secure email certificate (S/MIME exchange)1. Send a signed email to a recipient. Make sure that person stores your profile so that they can retain your public key.
2. You will also need a copy of that person's public key. Have them email you a digitally signed email.
3. You will receive the digitally signed email as below. Digitally signed email will appear with the icon outlined in red below.
4. To ensure you have received the sender's public key, got Account Settings > Security > View Certificates. Go to the People tab to confirm the sender's certificate has been stored.
|You can now exchange encrypted emails with that user.|
Hours of Operation:
Sunday 8:00 PM ET to Friday 8:00 PM ET
North America (toll free): 1-866-267-9297
Outside North America: 1-613-270-2680 (or see the list below)
NOTE: It is very important that international callers dial the UITF format exactly as indicated. Do not dial an extra "1" before the "800" or your call will not be accepted as an UITF toll free call.
|Australia||0011 - 800-3687-7863|
|Austria||00 - 800-3687-7863|
|Belgium||00 - 800-3687-7863|
|Denmark||00 - 800-3687-7863|
|Finland||990 - 800-3687-7863 (Telecom Finland)|
00 - 800-3687-7863 (Finnet)
|France||00 - 800-3687-7863|
|Germany||00 - 800-3687-7863|
|Hong Kong||001 - 800-3687-7863 (Voice)|
002 - 800-3687-7863 (Fax)
|Ireland||00 - 800-3687-7863|
|Israel||014 - 800-3687-7863|
|Italy||00 - 800-3687-7863|
|Japan||001 - 800-3687-7863 (KDD)|
004 - 800-3687-7863 (ITJ)
0061 - 800-3687-7863 (IDC)
|Korea||001 - 800-3687-7863 (Korea Telecom)|
002 - 800-3687-7863 (Dacom)
|Malaysia||00 - 800-3687-7863|
|Netherlands||00 - 800-3687-7863|
|New Zealand||00 - 800-3687-7863|
|Norway||00 - 800-3687-7863|
|Singapore||001 - 800-3687-7863|
|Spain||00 - 800-3687-7863|
|Sweden||00 - 800-3687-7863 (Telia)|
00 - 800-3687-7863 (Tele2)
|Switzerland||00 - 800-3687-7863|
|Taiwan||00 - 800-3687-7863|
|United Kingdom||00 - 800-3687-7863|
0800 121 6078
+44 (0) 118 953 3088