Outlook 2010 - Installation and use of Digital Signature
As soon as the certificate is ready, an email is sent with a link to the download-section of the SSL certificates website. A button can be found there with which the certificate can be downloaded. When the certificate has been downloaded it can be installed by doubleclicking it, this starts the Certificate Import Wizard. The default settings can be used for all steps shown in this wizard; click Next three times and then click Close to install the certificate.
Link digital signature to Outlook
- Open Outlook.
- At the top left of the window, click the File ribbon and in the left panel click Options.
- Click Trust Center at the bottom of the options menu, and then click Trust Center Settings... at the bottom of the right panel.
- In the left menu click Email Security and under the heading Encrypted email on the right hand side click Settings... .
- Click Choose... next to Signing Certificate and choose the email certificate from the list. You can check the email address in the certificate by clicking View Details and looking at Subject on the Details tab. Then click OK.
- Check the box next to the option Add Digital Signature to outgoing messages; this will make all outgoing messages digitally signed by default.
- Then click OK twice and click Close.
Configure Outlook to enable message encryption
- Open Outlook.
- At the top left of the window click the File ribbon and then click Options in the left panel.
- At the bottom of the options-menu click Trust Center, and then click Trust Center Settings... at the bottom of the right panel.
- Click Email Security in the left menu and then click under the heading Encrypted email on the right hand side click Settings... .
- Click Choose... next to Signing Certificate and pick the email certificate from the list. The email address in the certificate can be verified by clicking View certificate and checking the Details under Subject. Then click OK.
In order to be able to encrypt a message the email certificate of the addressed party is required; the addressed party has to already be in possession of a digital signature, and has to have sent a digitally signed email to you previously. When the sender has added the addressee as a contact in his address book, the digital signature is also automatically saved. From then on it can be used to send encrypted messages.
Encrypt an email message
- Open a new email message.
- Click the Options-ribbon and press the button Encrypt.
Check if the digital signature has been installed
In the Current User Certificate Store you can check whether the certificate has been installed correctly:
- Click the Start menu and then click Run.
- In the text box, enter certmgr.msc and click OK. This opens the Certificate Store of the Current User.
- Click the plus sign next to Personal and click the underlying folder certificates to show the list of installed certificates in the right panel.
- Double click a certificate to see the details. On the tab General should be a message near the bottom of the window stating You have a Private Key corresponding to this certificate. On the Details tab you can see for which email address the certificate was published.
Multiple signatures with different accounts
It is possible to work with more than one certificate when you have multiple accounts configured in Outlook. It is hereby recommended to rename the certificates using the certmgr.msc service, so it's easier to see which certificate is used for what account. Beware when using more than two accounts in Outlook, you will need to assign every account a signature. Otherwise the accounts without signature will stop working. A possible workaround for this would be to work with different Outlook profiles. Follow the steps below to rename the certificates:
- Click on the Start menu, and then on Run.
- Enter certmgr.msc and click on OK. This will open the Certificate Store for the Current User.
- Click on the plus(+) sign next to Personal and select the underlying Certificates folder to view the installed certificates in the rightmost panel.
- Right-Click on the certificate for which you would like to change the friendly name, and select Properties to change the Friendly Name in the top most field.