July 07, 2015

Secure & Encrypt Emails in Outlook with a Digital ID (Certificate)

2753 Views

By digitally signing an email message, you apply your unique digital mark to the message. The digital signature includes your certificate and public key, which originate from your digital ID. A digitally signed message proves to the recipient that you, not an impostor, signed the contents of the message, and that the contents haven’t been altered in transit. For additional privacy, you can also secure & encrypt emails in outlook.

A digital ID is issued by an independent certification authority.

Your organization may have policies that require a different procedure. See the network administrator for more information.

You can also look here to find other sources of digital certificates.

Caution:

While obtaining the personal Digital ID, you must ensure that the email address used in the certificate registration matches the email id used by outlook.

Steps:

  1. Obtain a free email certificate from any certificate authority
  2. Download the certificate and install in your PC local certificate store
  3. Confirm installation of the certificate in your machine’s local certificate store:
  4. Export the certificate from your certificate store into a FPX file
  5. Import the certificate in outlook
  6. Activate encryption for mails in Outlook
  7. Send Email from Outlook and choose Encrypt or Put a Digital Signature

1. Obtain a free email certificate from comodo

  1. For Demonstration, I have chosen Coomodo for my CA. Visit this page
  2. Fill out your personal details for certificate issuances1
  3. Accept Subscriber Agreements2

2. Download the certificate and install in your PC local certificate store

  1. Confirmation about the certificate registration will be send to the email id provideds3
  2. Check for confirmation mail to download the certificate in the mail id provided by you.s4
  3. Login to their site and provide the information sent in emails5
  4. Successful login will automatically install the certificate in your local certificate stores6
  5. You can view the certificate by clicking on View button.

3. Confirm installation of the certificate in your machine’s local certificate store:

  1. Open MMC by typic MMC in search window of Windows Start Menus7
  2. Add certificate snapin from MMC File Menus1
  3. Choose Certificate Snapin from the list and click Adds2
  4. Select my user account and then confirm by clicking Finish, and then OK.s3
  5. View the certificate from the store reflecting your personal emal ID.s4

4. Export the certificate from your certificate store into a FPX file

  1. From the above store, select the certificate, right click and choose ALL Task -> Exports5
  2. Follow the onscreen Certificate Export Wizard and go to next windows6
  3. Export Private Keys7
  4. Select the default FPX options8
  5. Select a password for your private keys9
  6. Select a folder location to store your certificate and provide a certificate names10
  7. Select Finish from export wizard confirmation windows11

5. Import the certificate in outlook

  1. Open Outlook
  2. Click the File tab
  3. Click Optionss12
  4. Click Trust Center
  5. Under Microsoft Outlook Trust Center, click Trust Center Settingss13
  6. On the E-mail Security tab, under Digital ID, select Import/Exports14
  7. Browse to the location where the certificate was exported and select the PFX files16
  8. Provide the password for your private key as set earlier and click OKs17
  9. Click OKs18

6. Activate encryption for mails in Outlook

Once you are done importing the certificate in outlook, its time to actually activate the additional email security features in Outlook before a mail can be encrypted.

  • On the E-mail Security tab, under Encrypted Mail, select the Add digital signature to outgoing messages check boxs20
  • Select Setting for your Encrypted e-mails21
  • You can choose different certificates for Signing certificate and encryption certificate or same certificate. Click on "Choose" buttons22
  • If available, you can select one of the following options:

If you want recipients who don't have S/MIME security to be able to read the message, select the Send clear text signed message when sending signed messages check box. By default, this check box is selected.

To verify that your digitally signed message was received unaltered by the intended recipients, select the Request S/MIME receipt for all S/MIME signed messages check box. You can request notification telling you who opened the message and when it was opened, When you send a message that uses an S/MIME return receipt request, this verification information is returned as a message sent to your Inbox.s23

  • Provide a name to current Security settings and click OK
  • To change additional settings, such as choosing between multiple certificates to use, click Settings.
  • Click OK on each open dialog box.

7. Send Email from Outlook and choose Encrypt or Enforce a Digital Signature

s20

Conclusion:

By obtaining and using a personal email certificate to digitally sign your messages you can help to stem the tide of spam and malware being distributed in your name. If your friends and family are conditioned to know that messages from you will contain your digital signature, when they receive an unsigned message with your email address spoofed as the source they will realize that its not really from you and delete it. And its free to obtain a personal certificate that you can always use to make sure your confidential communications reach their intended targets and vice-versa.

Leave a Reply

Your email address will not be published. Required fields are marked *