Purpose: Secure Email (S/MIME) certificate installation guide
For Secure Email (S/MIME) certificate on Outlook 2016 on Windows OS
There's a video for this guide. Watch the video here.
The installation is in four parts:
1) Installing the S/MIME certificate in the personal certificate store
2) Updating Security Settings to link the S/MIME certificate to Outlook profile
3) Signing and encrypting messages
4) Storing a contact's secure email certificate (S/MIME exchange)
Part 1 of 4: Installing the S/MIME certificate in the personal certificate store
1. After your ECS Enterprise account administrator has approved the enterprise S/MIME request, or after you have placed your personal S/MIME order, you will be sent an email at the address listed on your request. Select that link.
2. Accept the Client Certificate Agreement that is presented in the browser that opens when you select the certificate pick-up link.
3. Once you have confirmed you can download the certificate, you are prompted with the below "Web Access Confirmation" pop-up. Select "Yes". The prompt is asking you to allow Entrust to perform digital certificate operations on your behalf, which is required to allow in order to complete the next steps.
4. Your browser will prompt you to download (open or save) a .p12 file. Open the file.
5. A Certificate Import Wizard will open. On the first prompt, select "Current User" and then Next.
6. Confirm you wish to import the .p12 file from the location shown by selecting Next.
7. When you requested the certificate, you were prompted to set up a password to protect the private key. Provide that password here. Also, select "Mark key as exportable..." in case you need to export your certificate in the future.
8. Select the option "Automatically select the certificate store based on the type of certificate".
9. Complete the Wizard by selecting Finish.
10. You certificate has been successfully imported to the personal certificate store.
Part 2 of 4: Updating Security Settings to link the S/MIME certificate to Outlook profile
1. Launch Outlook 2016.
2. Select: File | Options
3. Select: Trust Center | Trust Center Settings
4. Select: E-mail Security.
5. Click on the settings button.
5. Click on the Settings and enter the below settings:
Cryptographic Format: S/MIME should be selected.
Signing Certificate: Select your secure email certificate – click CHOOSE and select your certificate from the list.
Encryption Certificate: Select your secure email certificate – click CHOOSE and select your certificate from the list.
6. Click OK.
Part 3 of 4: Signing and Encrypting Messages
Now that you have your secure email certificate installed, you can Sign and Encrypt email messages.
To Sign an Email Message, simply click the Sign button that now appears on a Compose Message email dialogue under the Options tab. There is no other setup required.
When users receive your email, they will see a message that the email has been digitally signed.
However, note to exchange secure emails with someone, there are some additional steps required.
Part 4 of 4: Storing a contact's secure email certificate (S/MIME exchange)
To Encrypt an email Message, you will need to provide your public key to the party you wish to encrypt for, and vice versa.
The recommended way to do this exchange is to send the other party a Signed email to exchange keys
1. Open a new message to send to the contact with whom you wish to exchange public keys. Ensure the message is digitally signed (but not encrypted) and hit send. You will be prompted to Allow for your public key to be sent upon sending the email. Select Allow.
2. You will need a copy of the recipient's public key to exchange Encrypted email. Have them send you a digitally signed email. After receiving the digitally signed email containing a copy of the other person's public key, Outlook will store the public key. Upon opening the email you will be prompted again. Select Allow to obtain a copy of the public key being sent to you.
3. You can make sure the recipients 's certificate and public key have been stored by clicking on Certificates in their contact profile. Add the contact by opening their email, right-clicking on their name and selecting "Add to Outlook Contacts".
4. Click Save and Close.
|You can now exchange encrypted emails with that user.|
Hours of Operation:
Sunday 8:00 PM ET to Friday 8:00 PM ET
North America (toll free): 1-866-267-9297
Outside North America: 1-613-270-2680 (or see the list below)
NOTE: It is very important that international callers dial the UITF format exactly as indicated. Do not dial an extra "1" before the "800" or your call will not be accepted as an UITF toll free call.
|Australia||0011 - 800-3687-7863|
|Austria||00 - 800-3687-7863|
|Belgium||00 - 800-3687-7863|
|Denmark||00 - 800-3687-7863|
|Finland||990 - 800-3687-7863 (Telecom Finland)|
00 - 800-3687-7863 (Finnet)
|France||00 - 800-3687-7863|
|Germany||00 - 800-3687-7863|
|Hong Kong||001 - 800-3687-7863 (Voice)|
002 - 800-3687-7863 (Fax)
|Ireland||00 - 800-3687-7863|
|Israel||014 - 800-3687-7863|
|Italy||00 - 800-3687-7863|
|Japan||001 - 800-3687-7863 (KDD)|
004 - 800-3687-7863 (ITJ)
0061 - 800-3687-7863 (IDC)
|Korea||001 - 800-3687-7863 (Korea Telecom)|
002 - 800-3687-7863 (Dacom)
|Malaysia||00 - 800-3687-7863|
|Netherlands||00 - 800-3687-7863|
|New Zealand||00 - 800-3687-7863|
|Norway||00 - 800-3687-7863|
|Singapore||001 - 800-3687-7863|
|Spain||00 - 800-3687-7863|
|Sweden||00 - 800-3687-7863 (Telia)|
00 - 800-3687-7863 (Tele2)
|Switzerland||00 - 800-3687-7863|
|Taiwan||00 - 800-3687-7863|
|United Kingdom||00 - 800-3687-7863|
0800 121 6078
+44 (0) 118 953 3088