How Do I Install an S/MIME Certificate?

Get email encryption and protection with SSL.com's S/MIME Certificates.

Download your certificate and install it in Outlook

  1. Download a PKCS#12 file with your certificate from your SSL.com account by clicking the link supplied in your Certificate Activation Link email and following the on-screen instructions in your web browser. You will be prompted to create a password before downloading the file. (Keep this password secure – you will need it later.) Make sure to keep track of where you saved your PKCS#12 file, and do not lose it. If you lose your private key, you will be unable to read messages encrypted with your public key.

    Note: when downloading your certificate it is possible to choose between the RSA and ECDSA algorithms via the Algorithm drop-down menu. However, ECDSA keys cannot be used for email encryption, so it’s best to leave this set to RSA.
  2. In Outlook, select File from the main menu, then click Options.

    Options

  3. Select Trust Center at the bottom of the menu on the left side of the Outlook Options window.

    Click Trust Center

  4. Click Trust Center Settings.

    Click Trust Center Settings

  5. Select Email Security from the left-hand menu of the Trust Center window.

    Select Email Security

  6. Click Import/Export.

    Click Import/Export

  7. Make sure Import existing Digital ID from a file is checked, then click Browse…

    Click Browse

  8. Navigate to the PKCS#12 file, then click Open. The filename extension should be .p12.

    Navigate to file

  9. Enter the password you used when downloading the PKCS#12 file, then click OK.

    Enter password

  10. Click OK on the security dialog box that pops up.

    Click OK

  11. Click Settings.

    Click Settings

  12. Enter a name for your security settings.

    Enter security settings name

  13. Click Choose, next to Signing Certificate. If you have only installed one certificate (as shown here), you can click OK on the Confirm Certificate dialog box that pops up. Otherwise, you will have to choose one from a list of installed certificates.

    Click Choose

    Confirm Certificate

  14. Click Choose, next to Encryption Certificate, and click OK on the Confirm Certificate dialog box. Again, if you have more than one certificate, select the same one you chose for Signing Certificate.

    Click Choose

  15. Click OK to close the Change Security Settings window.
  16. Set your desired default options for S/MIME email via the four checkboxes under Encrypted email, then click OK to close the Trust Center Window.

    Set S/MIME email options

The certificate is now installed and you can use it to digitally sign and encrypt messages in Outlook.

Send secure email in Outlook

  1. Begin composing a new email message in Outlook. Under Options, you can toggle the encryption and/or digital signature settings for the message.

    S/MIME options

  2. After sending, click Allow in the Windows Security dialog box that appears, allowing Outlook to use your private key.

    Security dialog box

  3. Note that if you attempt to send encrypted email and do not have your recipient’s public key, you will get an error message giving the option to send the message unencrypted.

    Error message

For more detailed information about S/MIME email, please see our article, Sending Secure Email with S/MIME.