iOS 5 - Secure E-mail

Apple iOS 5 for iPhone, iPod and iPad offers a host of new functions, among which the option of securely sending e-mail using the S/MIME protocol. In order to send secure e-mails, S/MIME uses a digital certificate to sign or encrypt the messages digitally.

What do you need?

For this feature to work you will need a digital signature permitting the key usage 'digital signature', which is the case with e-mail certificates by both Sectigo (Comodo) and GlobalSign.

E-mail Signing

Sign all outgoing e-mail using a certificate which identifies you or your company as the sender of the e-mail. This enables the recipient to check whether or not the received e-mail was, in fact, sent by you.

E-mail Encryption

A digital certificate consists of a private and a public key. When encrypting an e-mail, the public key of the recipient's certificate is used. After having sent the e-mail, the recipient uses the private key belonging to his certificate to decrypt the message. Using e-mail encryption thus ensures a confidential exchange of messages where only the recipient of your messages (owner of the used public key) possesses the means of reading them.


Now follows a description of the necessary steps:

  1. There are different methods to install the certificate on the device:
    • use the appropriate configuration program on, for example, a USB token
    • export the certificate as a .pfx file and e-mailing it to yourself as an attachment, so it can be opened on the device
  2. On the device, go to Settings Mail Calendars and choose your exchange account followed by the option Advanced. Here you will be able to see the following settings:
SettingActivate following
Receiving/reading encrypted e-mail S/MIME
Signing outgoing e-mail of a selected account Sign (choose the correct certificate for signing)
Encryption of outgoing e-mail from selected account* Encrypt (choose the correct certificate for signing)

*This option requires you to have the recipient's digital certificate. Obtaining this certificate can be accomplished by receiving a signed e-mail from the person you wish to send encrypted e-mails to.


Our SSLCheck will examine your website's root and intermediate certificates for correctness and report any potential issues

point up