How to activating S/MIME

Step 1: Start the Procedure

  1. Go to the website and log in to your Customer Area. For more details on how to access the Customer Area, read the guide;
  2. select Dashboard;
  3. select Activate Now, according to the S/MIME service you want to activate.

Step 2: Enter the Recipient’s Details

  1. Enter the First and Last Name of the person who will use the certificate: this can be the person who purchased the certificate or someone else;
  2. enter the email address where instructions will be sent to verify the email and your identity, in order to activate the certificate;
  3. click on Request. Check that the recipient’s details you just entered are correct, then click Confirm and Continue.

All future communications will be sent to the email address you provided.

Step 3: Verify the Technical Contact’s Details

The recipient’s details are automatically used as the technical contact. You can add a phone number if you wish.

The technical contact will receive communications regarding changes to the Certificate.

Step 4: Enter the Organizational Contact’s Details (OV and SV only)

  1. Enter the First and Last Name of the organizational contact;
  2. provide their email address;
  3. click Confirm and Continue.

The organizational contact will receive communications regarding the organization’s verification.

The technical and organizational contacts are often different: they can be the same only if the person indicated is a responsible person verifiable from independent public organizational sources, or in the case of a sole proprietorship owner.

Step 5: Enter the Applicant Organization’s Details (OV and SV only)

  1. Enter the VAT number or tax code;
  2. enter the Company Registration Number;
  3. indicate the Country of incorporation;
  4. enter the DUNS Number;
  5. click Confirm and continue.

Step 6: Upload Proof of Professional Relationship (SV only)

To complete the request for an SV (Verified Subject) S/MIME certificate, you must upload a document called Proof of Professional Relationship. This document will confirm the role of the applicant within the organization you indicated in the previous step.
The documentation must include:

  • Applicant’s details: name, surname, and company role/position;
  • Organization’s details: company name and full address;
  • Professional role: specific function performed (e.g., IT Manager, Security Officer);
  • Reason for the request: reason why the document is needed (“S/MIME Activation”);
  • Date of attestation: date the document is signed;
  • Formal declaration: a statement such as “We hereby certify that [Name Surname] holds the position of [role] at [Company]…”;
  • Referee’s signature: legible, manual or digital signature. It must be the signature of an authorized company representative, such as an HR manager, IT director, security officer, or CEO;
  • Referee’s contact details: email or phone number for any checks.

To upload the document, click Select File or drag your document into the box. Click Send Now.

You can choose to upload the document later: in this case, click Upload and Send Later.

Step 7: Check the Details and Accept the Terms and Conditions

Check the details and click Start Verification.
Now you just have to wait for the data verification.


After starting the verification, the system will send a verification email to the address you provided for the certificate holder in step 2. In the email, you will see a link: follow it to confirm your email address.

Step 8: Complete Identification (IV and SV only)

If you have an IV or SV, at the end of the procedure you will receive an email asking for your consent to the processing of personal and biometric data. In the email, you will see a link: follow it to give your consent.

Once you have given consent, you will receive another email from which you can complete biometric identification (face recognition) with IDenfy. Click the Start Verification on IDenfy button. It will only take 5-10 minutes to complete the biometric identification!

The link to access the identification procedure is valid for 24 hours. Once you start the identification procedure, you have 30 minutes to complete it.

Have a valid ID document (identity card or passport) ready, make sure your device’s camera is active, and you have a stable internet connection.

Follow the procedure. During the process, you will be asked to take a photo of the document and the certificate holder’s face. The system will compare the face photo with the one on the document.

To speed up the identification process, keep these tips in mind when taking a photo of your ID:

  • frame the document well and make sure all data is clearly readable;
  • keep your phone steady and stable;
  • avoid reflections and strong lights;
  • place the document on a flat, neutral-colored surface. Do not hold the document in your hand.

If biometric identification is successful, you will receive a confirmation email.

 

If biometric identification fails, you will receive a series of emails inviting you to try again. After 2 failed attempts, the system will offer you an alternative identification procedure based on Qualified Electronic Signature (QES).

The alternative procedure is as secure as the biometric one, as it complies with the same regulations applied to biometric verification. It guarantees the same level of security and has the same legal value.

To proceed with the alternative identification:

  1. click the Use the Alternative Process button in the email notifying you of the failed identification;
  2. enter the recipient’s details as requested;
  3. click Send Request;
  4. check that the data shown on screen is correct. If not, click Go Back and edit them. If correct, click Download the Form;
  5. wait for the form to download and click Continue. Have the person who will use the certificate sign the form you just downloaded. They must use the eIDAS signature;
  6. click Select File to upload the signed eIDAS file. Click Send Request.
  7. it will take 3-5 business days to complete the process and issue the Certificate.

The signature will be accepted if:

  • it is issued by an EU-accredited Certifier. The digital signature issued by Aruba is one of those accepted. More generally, a remote signature with OTP and strong authentication is also acceptable;
  • it uses a qualified electronic signature device, such as a smart card, USB token, or app with strong authentication;
  • it has the same legal value as a handwritten signature (EU Regulation No. 910/2014 – eIDAS).

 

The signature will NOT be accepted if:

  • it is drawn with a mouse;
  • it is made using an uncertified PDF editor;
  • it was affixed with tools not configured for QES, such as Adobe Sign.

Step 9: Check the Issuance of the S/MIME Certificate

At the end of all steps, log in to your Customer Area to see your S/MIME certificate in .p12 format.
Follow the guide to install the S/MIME Certificate.

You will receive the S/MIME Certificate password in the confirmation email.

Help us improve