How to install S/MIME OV

Step 1: import the Certificate

  1. After you receive the certificate from the CA, follow their instructions to download it to your computer. This usually comes as a .p12 file.
  2. double-click the certificate file and follow the wizard to import it.

Step 2: install the Certificate in Windows

  1. Open Windows Certificate Manager; 
  2. press Windows + R;
  3. type certmgr.msc
  4. press Enter. This will open the Certificate manager; 
  5. navigate to Personal > Certificates; 
  6. right-click on the empty space, select All Tasks > Import; 
  7. use the wizard to browse to the location of your .p12 Certificate file; 
  8. you will need to enter the password provided when you received the Certificate. 

Once imported, the certificate should appear under Personal > Certificates with your name or email address.

Step 3: configure S/MIME in Microsoft Outlook

  1. Open Outlook: launch Microsoft Outlook on your desktop; 
  2. go to Trust Center Settings. Click on File in the top-left corner;
  3. select Options from the left-hand menu;
  4. in the Options window, go to Trust Center and click Trust Center Settings;
  5. in the Trust Center window, select Email Security
  6. under the Encrypted Email section, click Settings
  7. in the Settings window, under Certificates and algorithms, select the Choose button next to Signing Certificate
  8. select the S/MIME Certificate from the list (the one you just imported); 
  9. make sure the same Certificate is selected under Encryption Certificate
  10. choose encryption and hashing algorithms if required (typically RSA for signing, AES for encryption). 

 

Enable digital signatures and encryption (optional):

  1. if you want to always sign your emails, check the box that says Add digital signature to outgoing messages
  2. for encrypting emails by default, check Encrypt contents and attachments for outgoing messages
  3. click Ok to save your changes and close the dialog boxes.

The recipient needs an S/MIME certificate and the correct configuration in their email client to open encrypted messages.

This guide should help you configure S/MIME certificates in Microsoft Outlook. If you're using Outlook for Office 365, the steps are very similar, but the user interface may vary slightly depending on the version.

Step 4: test the S/MIME Configuration

  1. Create a new email. In the Options tab of the message, click the Sign icon (it looks like a pen); 
  2. compose and send the email.

Send an encrypted email (optional):

  1. to send an encrypted email, you must have the recipient’s public key (which they usually send to you in a signed email). Open a new email, go to the Options tab, and click Encrypt
  2. compose and send the encrypted message.

Public Keys are shared through digitally signed emails. When someone receives a signed email, they automatically receive your public key.

Make sure both sender and recipient use email clients that support S/MIME (Outlook, Apple Mail, etc.).

Help us improve

In this guide