Installing your certificate
After installing your certificate in Internet Explorer, it will be available for use in Outlook 2003. To use your certificate in Outlook 2003, do the following:
To define your security settings and to specify which certificate you wish to use you need to define your default security settings. To do so you need to click the "Settings…" button. You will then see the following screen:
You can create different security settings and give these separate names. You can define the following settings:
The first step is to give your setting a name, this you can choose yourself:
The "Digital Signature" settings allow you too choose the certificate you wish to use for signing your emails. If you click the "Choose…" button you will be presented by an overview of your personal certificates:
You can view each certificate by first selecting a certificate and then clicking on the ‘View Certificate…’ button. You will now have a screen which gives an overview of the certificate:
When you find the certificate you want to use select it and click "OK":
The certificate will now be added to both the "Signing Certificate" and "Encryption Certificate" box for this security setting.
However if you wish to change your Encryption Certificate, you can do so by clicking "Choose…" next to "Encryption Certificate" and following the above procedure to select your desired certificate:
Both "Signing Certificate" and "Encryption Certificate" settings section also allow you to define which type of hashing algorithm you want to use for the creation of your signatures (SHA-1, MD5 or 3DES etc).
Click "OK" to save this Security Setting.
The first step to securing your e-mail messages is to sign them using your digital certificate.
At the top of this window you will see two icons, the first is the signing icon and selecting this will sign your email with the chosen certificate, the second is the encrypting icon and selecting it will encrypt your email (note: you will need the public key of your recipient before you can encrypt your email).
Your digital signature enables the recipient of your message to verify that you actually sent the message and that it was not altered along the route. Signing your email will also give your recipient your public key, this will allow your recipient to send you encrypted emails in the future.
The untrusted signature icon shows that the received message was signed by a certificate which was issued by a CA which you do not trust yet (because you have not installed its root certificate or it has been revoked). This icon looks like:
You can sign your messages each time you want to sign or you can configure your security settings (as described previously) to sign using a specific certificate.
Customizing your Microsoft Outlook 2003 to have the Signing and Encryption buttons appear on your toolbar
In some cases you may not have these icons on your email window. In order to have these appear each time you start a new email follow the following steps:
1. From your toolbar click on New message button
2. A blank email will open. In this new window, click on Tools and then Customize from the next dialog box
3. Select the Commands Tab
4. In the Categories list select Standard and scroll down to "Digitally Sign Message" and "Encrypt Message Contents.."
5. To have the Digitally Sign Message button appear on your toolbar, select it and drag it to the Toolbar holding down the mouse as shown below :
Repeat this procedure for the "Encrypt Message" button
Click on Close to finish this procedure
The second step to secure your e-mail messages is to encrypt them. E-mail messages are relatively easy for other people to intercept or read.
To encrypt your message you need to have a copy of the digital certificate of the intended recipient. When you receive a signed email, you can save the certificate of the sender in your Contacts List. You need to create an entry in the Contacts List if you want to send encrypted email to that person. You must also import his digital certificate into your Contacts List.
When you receive an e-mail, the encrypted icon indicates that the message has been encrypted. This icon appears in the lower right corner (blue padlock) of the address pane. The encryption process is done automatically.
To send someone an encrypted message, you need a copy of their digital certificates in your Contacts List.
When you receive a signed or encrypted message, you can save the digital certificate of that person in your Contacts List. You first need to use your right mouse button and select the senders details:
This will give you the following screen, Select "Add to Outlook Contacts":
To check the certificate has been added to your contacts details, Click the "Certificates" tab. The certificate should be listed here: Click "Save and Close" to save it in your contacts.
You can search for a digital certificate in an online database such as GlobalSign’s, download the certificate and add it to your Contact details of your contact so that you can send an encrypted message to that person.
Note: When you remove someone’s digital certificate you will no longer be able to send encrypted messages to that person.
Installing and using your certificate in Microsoft Outlook 2003