Before you can send and receive secure e-mails with the FDA you must have already:
- Purchased a PersonalSign certificate.
- Downloaded and Installed your PersonalSign certificate.
- Configured your e-mail client to use your PersonalSign certificate.
The FDA uses self-signed certificates so the process for this is slightly different than standard S/MIME with trusted certificates.
- Compose a new e-mail in Outlook.
- The e-mail should be sent to email@example.com
- Put the e-mail address of your FDA point of contact in the subject line.
- Click on the Options tab in Outlook and click Sign.
- You can leave the body of the message blank; it should resemble the example below:
- Send the E-Mail
- You'll receive an automated reply signed by the e-mail address you put in the subject field.
Right click the e-mail address in the From field and click Add to Outlook Contacts:
- Click the Certificates button along the ribbon in the contacts window:
- Click the Properties button along the right hand side of the Certificates window:
- Click on the Trust tab and choose Explicitly Trust this Certificate:
- Press OK
- Press Save & Close to update the contact information. Choose Update if the contact already exists.
- The FDA's certificate has now been saved and explicitly trusted in Outlook. The final step is to send a signed and encrypted e-mail to your FDA contact to show that everything is successfully set up.
- Reply to the e-mail. This time it should be going to your FDA contact.
- On the Options tab in Outlook, this time choose both Encrypt and Sign.
- In the body of the e-mail you can put something to the effect of:
"I have saved your certificate and contact details in Outlook. This e-mail should now be encrypted."
- Press Send.
If everything was set up correctly, the FDA contact should receive and encrypted message from you. If you did not set this up correctly, Outlook will not allow you to send an encrypted message.
1. Using S/MIME for Email Encryption? Key Recovery Basics