iOS 5 - Secure E-mail

Apple iOS 5 for iPhone, iPod and iPad offers a host of new functions, among which the option of securely sending e-mail using the S/MIME protocol. In order to send secure e-mails, S/MIME uses a digital certificate to sign or encrypt the messages digitally.

What do you need?

For this feature to work you will need a digital signature permitting the key usage 'digital signature', which is the case with e-mail certificates by both Sectigo (Comodo) and GlobalSign.

E-mail Signing

Sign all outgoing e-mail using a certificate which identifies you or your company as the sender of the e-mail. This enables the recipient to check whether or not the received e-mail was, in fact, sent by you.

E-mail Encryption

A digital certificate consists of a private and a public key. When encrypting an e-mail, the public key of the recipient's certificate is used. After having sent the e-mail, the recipient uses the private key belonging to his certificate to decrypt the message. Using e-mail encryption thus ensures a confidential exchange of messages where only the recipient of your messages (owner of the used public key) possesses the means of reading them.


Now follows a description of the necessary steps:

  1. There are different methods to install the certificate on the device:
    • use the appropriate configuration program on, for example, a USB token
    • export the certificate as a .pfx file and e-mailing it to yourself as an attachment, so it can be opened on the device
  2. On the device, go to Settings ? Mail ? Calendars and choose your exchange account followed by the option Advanced. Here you will be able to see the following settings:
SettingActivate following
Receiving/reading encrypted e-mail S/MIME
Signing outgoing e-mail of a selected account Sign (choose the correct certificate for signing)
Encryption of outgoing e-mail from selected account* Encrypt (choose the correct certificate for signing)

*This option requires you to have the recipient's digital certificate. Obtaining this certificate can be accomplished by receiving a signed e-mail from the person you wish to send encrypted e-mails to.


Our SSLCheck will examine your website's root and intermediate certificates for correctness and report any potential issues

point up