Skip to main content

How do I install my Secure Email (S/MIME) certificate on Apple Mail (Mac OS X)

Summary

Installation guide for Secure Email (S/MIME) certificate on Apple Mail on Mac OS X.


User-added image

Purpose: Secure Email (S/MIME) certificate installation guide
For Secure Email (S/MIME) certificate on Apple Mail on Mac OS X
User-added image

The installation is in three parts:

1) Importing S/MIME certificate to Keychain Access

2) Sending digitally signed and encrypted messages with Apple Mail

3) Storing a contact's Secure Email certificate (S/MIME exchange)

Part 1 of 3: Importing S/MIME certificate to Keychain Access

1. Click on the link in your certificate pickup email. Note the below image shows a pick-up email for a personal S/MIME, however this process is the same regardless if you've obtained a personal S/MIME from our retail site, or if you've obtained an Enterprise S/MIME issued to you from an ECS Enterprise account.

2. A browser window will open. Enter the password you used when you placed order or created certificate using ECS Enterprise account.

User-added image

3. Import the .p12 file by saving it. Open the file. You will be asked to provide a password to open the file. Provide the same password provided in step 2.

4. The Keychain Access app should open automatically after providing the password. If not, you can find it in your apps by searching for "keychain".

User-added image

5. In Keychain Access, on the left-hand menu under Category g o to Certificates. There, you will see the imported certificate with the identity related to the email address for which it was made. Click on the certificate. Note there is an error "This certificate was signed by an unknown authority". You will need to download the Entrust CA intermediate certificate.

User-added image

6. You can do so by selecting command+clicking on the certificate, and then selecting Get Info .

User-added image

7. Now, under details, scroll down to Method #2 and select the URL. This will download the Entrust intermediate CA certificate.

User-added image

8. Open the downloaded .cer file.

User-added image

9. You will be asked if you want to add the certificate to a login keychain. Confirm you do by selecting Add .

User-added image

10. The Entrust intermediate CA certificate and 2048 Root certificate will now appear in Keychain Access > Certificates.

User-added image

11. As a result of importing the Entrust intermediate CA certificate and Root 2048 certificate and chaining them to your S/MIME certificate, your S/MIME certificate should now be valid.

User-added image

The secure email certificate has been successfully imported to Keychain Access.

Part 2 of 3: Sending digitally signed and encrypted messages with Apple Mail

1. Open a new message. Note two new icons will be available: (1) a small lock icon (2) a digital signature icon.

User-added image

2. You can send a digitally signed email by having the digital signature option turned on. The recipient will receive the message as a digitally signed email.

To send Encrypted email there are some additional steps required to allow the recipient to decrypt the email.

Part 3 of 3: Storing a contact's Secure Email certificate (S/MIME exchange)

You must exchange public keys with a user in order to exchange Encrypted email. To do so send the user a digitally signed email and have them respond to you with a digitally signed email. Upon receiving the digitally signed email, add the user's contact by finding the update button on the right side of the message header.

User-added image

You can now send that user an Encrypted email and they will be able to view its contents.

You can confirm you have added the user's certificate by checking Keychain Access and seeing their certificate listed there.

If you have any questions or concerns please contact the Entrust Certificate Services Support department for further assistance:

Hours of Operation:
Sunday 8:00 PM ET to Friday 8:00 PM ET
North America (toll free): 1-866-267-9297
Outside North America: 1-613-270-2680 (or see the list below)
NOTE: It is very important that international callers dial the UITF format exactly as indicated. Do not dial an extra "1" before the "800" or your call will not be accepted as an UITF toll free call.

Country Number
Australia 0011 - 800-3687-7863
1-800-767-513
Austria 00 - 800-3687-7863
Belgium 00 - 800-3687-7863
Denmark 00 - 800-3687-7863
Finland 990 - 800-3687-7863 (Telecom Finland)
00 - 800-3687-7863 (Finnet)
France 00 - 800-3687-7863
Germany 00 - 800-3687-7863
Hong Kong 001 - 800-3687-7863 (Voice)
002 - 800-3687-7863 (Fax)
Ireland 00 - 800-3687-7863
Israel 014 - 800-3687-7863
Italy 00 - 800-3687-7863
Japan 001 - 800-3687-7863 (KDD)
004 - 800-3687-7863 (ITJ)
0061 - 800-3687-7863 (IDC)
Korea 001 - 800-3687-7863 (Korea Telecom)
002 - 800-3687-7863 (Dacom)
Malaysia 00 - 800-3687-7863
Netherlands 00 - 800-3687-7863
New Zealand 00 - 800-3687-7863
0800-4413101
Norway 00 - 800-3687-7863
Singapore 001 - 800-3687-7863
Spain 00 - 800-3687-7863
Sweden 00 - 800-3687-7863 (Telia)
00 - 800-3687-7863 (Tele2)
Switzerland 00 - 800-3687-7863
Taiwan 00 - 800-3687-7863
United Kingdom 00 - 800-3687-7863
0800 121 6078
+44 (0) 118 953 3088